chroot/etc/named/ directory?
Mike Hoskins (michoski)
michoski at cisco.com
Wed Feb 13 17:43:42 UTC 2013
-----Original Message-----
From: Robert Moskowitz <rgm at htt-consult.com>
Date: Wednesday, February 13, 2013 10:53 AM
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: chroot/etc/named/ directory?
>I am upgrading my server from bind-9.3.6 via Centos 5.5 to 9.8.2 in
>Centos 6.3.
>
>I have and will run bind chrooted and on my test setup I noticed a 'new'
>subdirectory in the chroot tree:
>
>/var/named/chroot/etc/named/
>
>I cannot find any documentation as what is indended to be placed in this
>subdirectory. my includes for named.conf?
>
>I am assuming the pki subdirectory is for DNSSEC related files, but I
>have not found any documentation indicating so. But then I have not
>plowed through DNSSEC documention in depth yet.
If you installed bind*-chroot, it will populate the /var/named/chroot
hierarchy. It's not strictly required (though I would suggest it), but if
you intend to run BIND chrooted "/var/named/chroot" is essentially "/".
You'll have to place the usual things BIND needs to operate under that
directory -- configs, zones, etc. Assuming this came from the chroot RPM,
you'll already have other essential pieces for chroot such as your
null/random/zero devices. Since you mention CentOS, you'll likely also
want to pay attention to things like ROOTDIR in /etc/sysconfig/named.
Having said all that, you might search the archives (SRPMS have been
provided by community members) or other sources for a newer BIND while
you're at it...9.8.2 isn't ancient, but also not technically "up to date"
now. I am personally waiting for 9.9.3 to leave beta, but 9.8.4-P1
probably makes sense for you today. This won't affect your chroot setup,
just something worth considering since you're upgrading.
More information about the bind-users
mailing list