Date: Tue, 28 Sep 2004 08:58:16 -0500 From: Peter Schultz <pete@beforever.com> To: Doug Barton <DougB@FreeBSD.org> Cc: freebsd-current@freebsd.org Subject: Re: HEADS UP: named now runs chroot'ed by default Message-ID: <727FCC18-1156-11D9-BBA6-000D936BE398@beforever.com> In-Reply-To: <20040928025635.Q5094@ync.qbhto.arg> References: <20040928025635.Q5094@ync.qbhto.arg>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 28, 2004, at 5:03 AM, Doug Barton wrote: > Folks, > > I just committed a named "auto-chroot" system that will allow named to > run chroot'ed by default. If you have an existing named configuration > in /etc/namedb, the instructions for updating it are in src/UPDATING. > If you are already chroot'ing named, especially if you are using > /var/named as the chroot directory, you should back everything up > before upgrading and proceed with caution. :) > Why not do it FreeBSD style and auto-jail named? Sincerely, Pete... > For those that don't have a named configuration, all you should have > to do is 'rm -r /etc/namedb' and you'll be fine. > > Comments and suggestions are welcome, but please try to keep the > bikeshedding about specific bits down to an absolute minimum. The > directory structure and related options worked very well on hundreds > of name servers on a very busy enterprise network, so I have a high > degree of confidence that the defaults are sensible. That said, I am > open to genuine improvements, and dialogue on optional bits. > > Enjoy, > > Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?727FCC18-1156-11D9-BBA6-000D936BE398>