On 02/14/2013 08:47 PM, Robert Moskowitz wrote:
> I just downloaded the bind-chroot rpm and looked into it with Archive
> manager (so I am lazy), and no files, just the chroot tree. I am
> assuming there is some script that Archive manager does not show, or I
> am just missing it, because the ROOTDIR= did get added to
> /etc/sysconfig/named (and the one in the bind rpm is without this line).
>
> Just interesting that if you chroot, you are expected to know that
> everything needs to be placed there. And they leave the /etc/named.conf
> there untouched. Seems they should remove this or make it a symlink?

I just went back to the CentOS 5.5 bind-chroot rpm (which I have on my local repo server) and it is the same. Wow, that means I have been carrying this stuff around further back than that?

But one thing is in 5.5 it created /var/named/chroot/var/named/ data and slave which 6.3 does not. And I am having permission problems with these two subdirectories and I am NOT seeing the problem. Hope it is not a SELinux issue.

> And what about /etc/rndc.key? Your chrooted bind uses the
> /var/named/chroot/etc/rndc.key and rndc uses the /etc/rndc.key, or so it
> seems, so your rndc.key is left unprotected outside of the chroot jail?
> Am I missing something in the rndc setup with chrooted bind? I am not
> seeing any special instructions on this in the Red Hat documentation.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
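The message above raises three things to check on a chrooted BIND host: the data and slave subdirectories, the permissions on each rndc.key, and whether the key outside the jail is the same file as the one inside. The following read-only audit is an added example, not part of the original post or of the bind-chroot package; the function name `audit_chroot`, its prefix argument and its output labels are hypothetical, and it assumes GNU `stat`.

```shell
#!/bin/sh
# Added example: read-only audit of a chrooted BIND layout.
# Paths come from the message above; the checks themselves are assumptions.
# PREFIX ("" on a real host) lets the audit run against a constructed tree.

audit_chroot() {
    prefix=$1
    jail="$prefix/var/named/chroot"
    outer="$prefix/etc/rndc.key"     # path the message says rndc reads
    inner="$jail/etc/rndc.key"       # path the message says chrooted named reads

    # 1. The two subdirectories the message says 5.5 created and 6.3 does not.
    for d in data slave; do
        p="$jail/var/named/$d"
        if [ -d "$p" ]; then
            # Owner, group and mode are the first things to compare when
            # named cannot write here.
            echo "DIR $p $(stat -L -c '%U:%G %a' "$p")"
        else
            echo "MISSING $p"
        fi
    done

    # 2. Flag any rndc.key copy whose mode grants access to "other".
    for k in "$outer" "$inner"; do
        [ -e "$k" ] || continue
        mode=$(stat -L -c '%a' "$k")
        case $mode in
            *0) echo "KEY-OK $k mode=$mode" ;;
            *)  echo "KEY-WORLD-ACCESSIBLE $k mode=$mode" ;;
        esac
    done

    # 3. Do both paths resolve to one file (symlink or hard link),
    #    or are they separate copies that can drift apart?
    if [ -e "$outer" ] && [ -e "$inner" ]; then
        if [ "$(stat -L -c '%d:%i' "$outer")" = "$(stat -L -c '%d:%i' "$inner")" ]; then
            echo "KEY-SAME-FILE"
        elif cmp -s "$outer" "$inner"; then
            echo "KEY-SEPARATE-COPIES-IDENTICAL"
        else
            echo "KEY-MISMATCH"
        fi
    fi
    return 0
}
```

On a real host, run `audit_chroot ""` as root so that both key files are readable for the comparison.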