BIND-8.2.2p5 running chroot'd on 10.20

Ralf Hildebrandt R.Hildebrandt at tu-bs.de
Fri Feb 25 12:58:45 UTC 2000


No answers, but by boosting the debug level and occasionally running named
as root I found out what was going amiss. 

That whole "-t" option is really badly documented in the BIND-distribution.

>    But how do I pass the arguments to ndc that emulate the following?
>    
>    /var/spool/named/usr/sbin/named -t /var/spool/named/ -u named   
>    (binary in chroot-jail)         (chroot-jail)        (user to run named as)

I'm a moron, the arguments just get passed on:

% ndc -c /var/spool/named/var/run/ndc start -t /var/spool/named/ -u named

This implies that ndc, named and named-xfer are both in /usr/sbin and
/var/spool/named/usr/sbin -- but the ones in /usr/sbin may be a link to the
ones in /var/spool/named/usr/sbin (but not vice versa)

> b) I can make ndc talk to the chroot'd named by specifying:
> 
>    % ndc -c /var/spool/named/var/run/ndc
> 
>    Commands like "getpid" and "status" work just fine.
>    But after issuing a "reload" I get:
> 
>    can't change directory to /var/named: Permission denied   
>    (from named ? from ndc ?)
>    
>    and after that named dies an ugly death.   

First problem was that named couldn't write "named.run", since the directory
was not writable for user "named".

Second problem was that "/dev/null" in the chroot-jail was created using the
wrong arguments to "mknod". Mea culpa. 

ndc/named work like a charm now. Even chroot'd.

-- 
Ralf Hildebrandt <R.Hildebrandt at tu-bs.de> www.stahl.bau.tu-bs.de/~hildeb
I'm locked in a maze of little projects, all of which suck. 
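
An added example, not part of the original post: a check for the two faults named in the message above (a jail /dev/null that is not a proper device node, and a working directory the unprivileged user cannot write). It compares the jail's node with the host's /dev/null instead of hard-coding device numbers; the function names are hypothetical, and ACLs and supplementary groups are ignored.

```python
import os
import stat

def writable_by(path, uid, gids):
    """True if the mode bits of `path` let `uid` (group ids `gids`) write and search it."""
    st = os.stat(path)
    if uid == 0:
        return True
    if st.st_uid == uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif st.st_gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return st.st_mode & need == need

def audit_jail(jail, workdir, uid, gids, host_null="/dev/null"):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    jail_null = os.path.join(jail, "dev/null")
    ref = os.stat(host_null)
    try:
        # lstat: a symlink pointing outside the jail would not resolve after chroot
        st = os.lstat(jail_null)
    except FileNotFoundError:
        findings.append(f"{jail_null}: missing")
    else:
        if not stat.S_ISCHR(st.st_mode):
            findings.append(f"{jail_null}: not a character device")
        elif st.st_rdev != ref.st_rdev:
            got = (os.major(st.st_rdev), os.minor(st.st_rdev))
            want = (os.major(ref.st_rdev), os.minor(ref.st_rdev))
            findings.append(f"{jail_null}: device {got}, host has {want}")
    wd = os.path.join(jail, workdir.lstrip("/"))
    if not os.path.isdir(wd):
        findings.append(f"{wd}: missing")
    elif not writable_by(wd, uid, gids):
        findings.append(f"{wd}: not writable by uid {uid}")
    return findings

if __name__ == "__main__":
    import tempfile
    # Constructed jail for demonstration: dev/null wrongly created as a regular file
    jail = tempfile.mkdtemp()
    os.makedirs(os.path.join(jail, "dev"))
    os.makedirs(os.path.join(jail, "var/named"))
    open(os.path.join(jail, "dev/null"), "w").close()
    print(audit_jail(jail, "/var/named", os.getuid(), {os.getgid()}))
```

For the layout in the post, the call would be `audit_jail("/var/spool/named", "/var/named", uid, gids)` with the uid and gid of the "named" user, assuming /var/named is the working directory inside the jail.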



