chroot/etc/named/ directory?
Robert Moskowitz
rgm at htt-consult.com
Wed Feb 13 19:18:20 UTC 2013
On 02/13/2013 01:44 PM, Lightner, Jeff wrote:
> Haven't done it on RHEL/CentOS 6.x yet but in RHEL5 with the bind-chroot installed I've always had:
> /var/named/chroot as the jail for BIND.
> /var/named/chroot/etc = Location of global config files such as named.conf
> /var/named/chroot/var/named = Location of the zone files.
These I am use to and have used them for years.
> I don't see a /var/named/chroot/etc/named in RHEL5 but then again that is based on BIND 9.3. RHEL6 is almost certainly based on a higher upstream version. Since CentOS is built from RHEL source it would have that higher version as well.
Yes. I am going from Centos (RHEL) 5.5 to 6.3, so the new directory just
has me wondering. I found it also as /etc/named/ so it is part of their
base bind rpm, but no documentation on what they expected to be place
there. Just here is something new and I want to know why so that I am
not supprised.
> -----Original Message-----
> From: bind-users-bounces+jlightner=water.com at lists.isc.org [mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf Of Mike Hoskins (michoski)
> Sent: Wednesday, February 13, 2013 12:44 PM
> To: bind-users at lists.isc.org
> Subject: Re: chroot/etc/named/ directory?
>
> -----Original Message-----
>
> From: Robert Moskowitz <rgm at htt-consult.com>
> Date: Wednesday, February 13, 2013 10:53 AM
> To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
> Subject: chroot/etc/named/ directory?
>
>> I am upgrading my server from bind-9.3.6 via Centos 5.5 to 9.8.2 in
>> Centos 6.3.
>>
>> I have and will run bind chrooted and on my test setup I noticed a 'new'
>> subdirectory in the chroot tree:
>>
>> /var/named/chroot/etc/named/
>>
>> I cannot find any documentation as what is indended to be placed in
>> this subdirectory. my includes for named.conf?
>>
>> I am assuming the pki subdirectory is for DNSSEC related files, but I
>> have not found any documentation indicating so. But then I have not
>> plowed through DNSSEC documention in depth yet.
> If you installed bind*-chroot, it will populate the /var/named/chroot hierarchy. It's not strictly required (though I would suggest it), but if you intend to run BIND chrooted "/var/named/chroot" is essentially "/".
> You'll have to place the usual things BIND needs to operate under that directory -- configs, zones, etc. Assuming this came from the chroot RPM, you'll already have other essential pieces for chroot such as your null/random/zero devices. Since you mention CentOS, you'll likely also want to pay attention to things like ROOTDIR in /etc/sysconfig/named.
>
> Having said all that, you might search the archives (SRPMS have been provided by community members) or other sources for a newer BIND while you're at it...9.8.2 isn't ancient, but also not technically "up to date"
> now. I am personally waiting for 9.9.3 to leave beta, but 9.8.4-P1 probably makes sense for you today. This won't affect your chroot setup, just something worth considering since you're upgrading.
>
> _______________________________________________
>
More information about the bind-users
mailing list