Date: Mon, 3 Dec 2001 13:13:16 -0800
From: Gabriel Rocha <icognito@neutraldomain.org>
To: freebsd-stable@FreeBSD.org
Subject: Handbook addition suggestion
Message-ID: <20011203131316.B4133@neutraldomain.org>

After laboring for a little while to get named running properly under a chroot I came up with the following sequence, which is a slight deviation from the handbook's "Chroot howto." Granted, you don't need the two libs for named to run in the chroot, but named-xfer would be nice to have and it dies with a signal 6 if ld-elf.so.1 is not where it wants it to be. The problem goes away entirely if you compile things statically, but I always figured the handbook was for newbies as much as for non-newbies to use for reference. Also, the mention of the very few files needed for the chroot to work would be nice, namely /dev/null and /dev/random.

Following is my (perhaps overly detailed sometimes) step-by-step guide for a working named chroot.

--Gabe

PS- I don't mean for the whole thing to be added to the handbook, perhaps just the devices that really need to be there and a reference to shared libs. Although adding this to /usr/share/examples/bind (it doesn't exist yet) would prove useful for newbies and non-newbies to come.

mkdir -p /etc/namedb/sandbox/etc/namedb/master
mkdir /etc/namedb/sandbox/etc/namedb/slave
mkdir -p /etc/namedb/sandbox/usr/libexec
mkdir /etc/namedb/sandbox/usr/lib
mkdir -p /etc/namedb/sandbox/var/run
mkdir /etc/namedb/sandbox/dev

cd /etc/namedb/sandbox/dev
mknod null c 2 2
mknod random c 2 3

cd /etc/namedb/sandbox/etc
cp /etc/localtime .

cd /etc/namedb/sandbox/etc/namedb
cp /etc/namedb/named.root .
cp /etc/namedb/named.conf .

cd /etc/namedb/sandbox/etc/namedb/master
cp /etc/namedb/localhost.rev .

cd /etc/namedb/sandbox/usr/lib
cp /usr/lib/libc.so.4 .

cd /etc/namedb/sandbox/usr/libexec
cp /usr/libexec/ld-elf.so.1 .
cp /usr/libexec/named-xfer .

lorax# cat /etc/namedb/sandbox/etc/namedb/named.conf
options {
        directory "/etc/namedb";
        listen-on { 192.168.0.1; };
        version "foo";
};

zone "." {
        type hint;
        file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "master/localhost.rev";
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
        type master;
        file "master/localhost.rev";
};

lorax# cat /etc/rc.conf
syslogd_enable="YES"
syslogd_flags="-s -l /etc/namedb/sandbox/var/run/log"
named_enable="YES"
named_program="named"
named_flags="-u bind -g bind -t /etc/namedb/sandbox /etc/namedb/named.conf"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message