chroot-BIND

Kevin Darcy kcd at daimlerchrysler.com
Fri Mar 23 21:00:42 UTC 2001


Ralf Hildebrandt wrote:

> On Thu, Mar 22, 2001 at 08:14:16PM -0500, mjs wrote:
>
> > I'm following the instructions STEP by STEP for chrooting BIND (on rh
> > 6.2),... when I get to this point
> >
> >
> > # cp /sbin/ldconfig /chroot/named/bin/
> > # chroot /chroot/named /bin/ldconfig -v
> >
> > when I run the line
> >
> >
> > chroot /chroot/named /bin/ldconfig -v
> > I get this error,.. anyone know why??
> >
> > [root at digital lib]# chroot /chroot/named /bin/ldconfig -v
> > /bin/ldconfig: version 1999-02-21
> > /usr/lib:
> > /bin/ldconfig: warning: can't open /usr/lib (No such file or directory),
> > skipping
> > /lib:
> >         ld-linux.so.2 => ld-2.1.3.so
> >         libc.so.6 => libc-2.1.3.so
> > [root at digital lib]#
>
> BIND 8.x and 9.x chroot themselves. The instructions are bad. No need to run
> chroot at all.

  I suspect that the "ldconfig" step of this process is just a sanity check.
I doubt very much that any reasonably-modern chroot() HOWTO would recommend
chroot()'ing named "manually", i.e. with the "chroot" command.

The warning about /usr/lib is potentially a problem -- are you (mjs, that
is) sure that *all* of the libraries that named-xfer needs are in /lib? If it
needs a library in /usr/lib, then obviously it's not going to work, since
apparently you have no /usr/lib in your chroot jail. Perhaps that was an
oversight in an earlier step of the process.

Alternatively, build named-xfer statically.

Or, if your nameserver isn't slave for any zones, maybe you don't need
named-xfer at all.

Note that with BIND 9, you shouldn't need libraries *or* static building, since
the functionality of named-xfer has been absorbed into named itself.


- Kevin
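
Added example, not part of the original message: a shell check for the concern raised above, that every shared library named-xfer needs must exist inside the chroot jail. It parses `ldd`-style output; the function names, the sample `ldd` output and the library `libexample.so.1` are constructed for illustration.

```shell
#!/bin/sh
# Added example: list shared libraries that a binary needs but the jail lacks.

# Constructed sample of ldd output (libexample.so.1 is a hypothetical library).
SAMPLE_LDD='	libexample.so.1 => /usr/lib/libexample.so.1 (0x40018000)
	libc.so.6 => /lib/libc.so.6 (0x40020000)
	/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)'

# Read ldd-style output on stdin and print one absolute library path per line.
# Unresolvable libraries are printed as "UNRESOLVED:<name>". Lines without a
# path (vdso entries, "statically linked") produce no output.
ldd_paths() {
    awk '
        /=> not found/ { print "UNRESOLVED:" $1; next }
        /=>/           { if ($3 ~ /^\//) print $3; next }
        $1 ~ /^\//     { print $1 }
    '
}

# missing_in_jail JAIL: read ldd-style output on stdin and print every library
# whose path does not exist under JAIL (the directory named gets chrooted to).
missing_in_jail() {
    jail=$1
    ldd_paths | while IFS= read -r lib; do
        case $lib in
            UNRESOLVED:*) echo "$lib" ;;
            *) [ -e "$jail$lib" ] || echo "$lib" ;;
        esac
    done
}

# Build a throwaway jail that has /lib but no /usr/lib, matching the ldconfig
# output quoted in the thread, and run the check against the constructed sample.
demo() {
    jail=$(mktemp -d)
    mkdir -p "$jail/lib"
    : > "$jail/lib/libc.so.6"
    : > "$jail/lib/ld-linux.so.2"
    printf '%s\n' "$SAMPLE_LDD" | missing_in_jail "$jail"
    rm -rf "$jail"
}

demo
```

Against a real installation, pipe `ldd` for the named-xfer binary into `missing_in_jail /chroot/named`. Empty output means every dependency is present in the jail, or the binary is statically linked.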


