What is the use of having a chroot path during installation

MURTARI, JOHN jm5903 at att.com
Thu Jan 14 12:56:37 UTC 2016

-----Original Message-----
From: Harshith Mulky <harshith.mulky at outlook.com>
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: What is the use of having a chroot path during installation
	of Bind

When installing bind, the following 2 are installed


What is the need of this bind-chroot?
I see all files in /var/named path are softlinks to /var/named/chroot/var/named
/etc/named.conf is softlink to /var/named/chroot/etc/named.conf

What is this chroot binding? And why is this chroot Binding Required?
Can the named server function without this chroot Binding?


I'm assuming you installed this on a Redhat type system.  The chroot package
sets up BIND to run in a chroot environment where the new filesystem root
is /var/named/chroot.

It's not 'required' -- but considered by many a good security practice in case
a vulnerability is found that allows the hacker to use named to examine/change
your filesystem -- with chroot active they would be very limited.

The server can function just fine in a non chroot environment, BUT -- if you've
already installed the RPMs and named is starting fine and servicing requests,
you may just want to leave it alone.   Removing the chroot package can sometimes
cause problems where old symlinks remain and things get very confusing.

Hope this helps.
Best regards!

John Murtari

More information about the bind-users mailing list