Date: 14 Jul 2002 11:46:18 +0100
From: Stacey Roberts <sroberts@dsl.pipex.com>
To: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc: FreeBSD-Questions <freebsd-questions@freebsd.org>
Subject: Re: Cannot start bind in samdbox?
Message-ID: <1026643580.97896.25.camel@Demon.vickiandstacey.com>
In-Reply-To: <20020714103149.GB25158@happy-idiot-talk.infracaninophi>
References: <1026640255.97896.9.camel@Demon.vickiandstacey.com> <20020714103149.GB25158@happy-idiot-talk.infracaninophi>
Hi Matthew,
    Thanks for getting back to me.

Forgive me for asking this, but seeing that your procedure is so
blatantly different to what is suggested in *both* books, is something
actually wrong in those books?

I mean.., what I'm being told to do in both the Handbook as well as FBSD
Unleashed., is nothing like what you have suggested here.,

I'm only trying to have things as secure - but standardized as much as I
can on the machine.

Thanks for the time, I'd appreciate your (and others') view on what *is*
supposed to be the standard procedure for running bind in a sandbox.

Stacey

On Sun, 2002-07-14 at 11:31, Matthew Seaman wrote:
> On Sun, Jul 14, 2002 at 10:50:54AM +0100, Stacey Roberts wrote:
>
> >     I'm trying to set named up on a box here, following the handbook as
> > well as FBSD Unleashed - but I cannot seem to get bind started and going
> > in a sandbox.
> >
> > This is the error I keep getting:
> > # /usr/sbin/named -u bind -g bind -t /etc/namedb/s/
> > can't open '/etc/namedb/named.conf'
> > #
>
> If your named.conf file is in the usual place, /etc/namedb/named.conf,
> then it's going to be inaccessible to named once it's performed the
> chroot(2) to /etc/named/s
>
> You need to replicate all of the file structure of /etc/namedb to your
> chroot directory.  Try this:
>
>     mkdir /var/named
>     cd /
>     tar -cf - etc/namedb | (cd /var/named ; tar -xvpf - )
>
> Now when you start up named, use the command line:
>
>     /usr/sbin/named -u bind -g bind -t /var/named
>
> named should then be happily reading the file
> /var/named/etc/namedb/named.conf thinking that it's actually /etc/named.conf
>
>     Cheers,
>
>     Matthew
>
> --
> Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
>                                                       Savill Way
> Tel: +44 1628 476614                                  Marlow
> Fax: +44 0870 0522645                                 Bucks., SL7 1TH UK
--
Stacey Roberts
B.Sc. (HONS) Computer Science
Network Systems Engineer
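
A pre-flight check for the failure discussed in this thread, as an added example that is not part of either message: it confirms that the config path named opens after chroot(2), and the zone files that config names, all exist under the directory given to -t. The function name check_named_chroot is hypothetical, and resolving relative file names against the directory of named.conf when no directory option is set is an assumption of this sketch.

```shell
#!/bin/sh
# check_named_chroot CHROOT [CONF]
#   CHROOT  directory that will be passed to "named -t"
#   CONF    path named opens *after* chroot(2); the default is the path
#           from the error message in the thread.
# Handles one 'directory "..."' or 'file "..."' statement per line and
# paths without whitespace (assumptions of this sketch).
check_named_chroot() {
    root=${1%/}
    conf=${2:-/etc/namedb/named.conf}
    missing=0

    if [ ! -d "$root" ]; then
        echo "chroot directory $root does not exist"
        return 2
    fi
    # Inside the jail, $conf is looked up relative to $root.
    if [ ! -r "$root$conf" ]; then
        echo "MISSING $root$conf (named -t $root cannot open '$conf')"
        return 1
    fi

    # Base directory for relative zone file names.
    dir=$(sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' \
              "$root$conf" | head -n 1)
    dir=${dir:-$(dirname "$conf")}   # assumption when no directory option

    for f in $(sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' \
                   "$root$conf"); do
        case $f in
            /*) p=$f ;;
            *)  p=$dir/$f ;;
        esac
        if [ ! -e "$root$p" ]; then
            echo "MISSING $root$p"
            missing=$((missing + 1))
        fi
    done

    if [ "$missing" -gt 0 ]; then
        return 1
    fi
    echo "OK: $conf and its zone files resolve inside $root"
}

# Run directly as: sh check.sh /var/named
if [ "$#" -gt 0 ]; then
    check_named_chroot "$@"
fi
```
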