BIND-8.2.2p5 running chroot'd on 10.20
Ralf Hildebrandt
R.Hildebrandt at tu-bs.de
Fri Feb 25 12:58:45 UTC 2000
No answers, but by boosting the debug level and occasionally running named
as root I found out what was going amiss.
That whole "-t" option is really badly documented in the BIND-distribution.
> But how do I pass the arguments to ndc that emulate the following?
>
> /var/spool/named/usr/sbin/named -t /var/spool/named/ -u named
> (binary in chroot-jail) (chroot-jail) (user to run named as)
I'm a moron, the arguments just get passed on:
% ndc -c /var/spool/named/var/run/ndc start -t /var/spool/named/ -u named
This implies that ndc, named and named-xfer are both in /usr/sbin and
/var/spool/named/usr/sbin -- but the ones in /usr/sbin may be a link to the
ones in /var/spool/named/usr/sbin (but not vice versa)
> b) I can make ndc talk to the chroot'd named by specifying:
>
> % ndc -c /var/spool/named/var/run/ndc
>
> Commands like "getpid" and "status" work just fine.
> But after issuing a "reload" I get:
>
> can't change directory to /var/named: Permission denied
> (from named ? from ndc ?)
>
> and after that named dies an ugly death.
First problem was that named couldn't write "named.run", since the directory
was not writable for user "named".
Second problem was that "/dev/null" in the chroot-jail was created using the
wrong arguments to "mknod". Mea culpa.
ndc/named work like a charm now. Even chroot'd.
--
Ralf Hildebrandt <R.Hildebrandt at tu-bs.de> www.stahl.bau.tu-bs.de/~hildeb
I'm locked in a maze of little projects, all of which suck.
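
An added example, not part of the original post: a shell pre-flight check for the two problems described above (a /dev/null in the jail created with the wrong mknod arguments, and a directory that named cannot write named.run into). The function names and the working-directory argument are assumptions; run it as the user passed to -u.

```shell
#!/bin/sh
# Added example, not from the BIND distribution. Function names are hypothetical.

# Device-number fields (major, minor) exactly as ls -ln prints them.
dev_fields() {
    ls -ln "$1" 2>/dev/null | awk '{ print $5, $6 }'
}

# The jail's /dev/null must be a character device with the same numbers as
# the host's /dev/null; a node made with wrong mknod arguments fails here.
check_devnull() {
    node="${1%/}/dev/null"
    if [ ! -c "$node" ]; then
        echo "FAIL: $node is not a character device"
        return 1
    fi
    if [ "$(dev_fields "$node")" != "$(dev_fields /dev/null)" ]; then
        echo "FAIL: $node device numbers differ from /dev/null"
        return 1
    fi
    echo "ok: $node"
}

# named writes named.run into its working directory, so that directory must
# be writable by the user named runs as. Run this script as that user.
check_workdir() {
    if [ ! -d "$1" ] || [ ! -w "$1" ]; then
        echo "FAIL: $1 is missing or not writable by $(id -un)"
        return 1
    fi
    echo "ok: $1"
}

# Usage: sh check-jail.sh <jail> <working directory as seen from the host>
if [ $# -eq 2 ]; then
    rc=0
    check_devnull "$1" || rc=1
    check_workdir "$2" || rc=1
    exit "$rc"
fi
```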