What is the use of having a chroot path during installation
jm5903 at att.com
Thu Jan 14 12:56:37 UTC 2016
From: Harshith Mulky <harshith.mulky at outlook.com>
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: What is the use of having a chroot path during installation
When installing bind, the following 2 are installed
What is the need of this bind-chroot?
I see all files in /var/named path are softlinks to /var/named/chroot/var/named
/etc/named.conf is softlink to /var/named/chroot/etc/named.conf
What is this chroot binding? And why is this chroot Binding Required?
Can the named server function without this chroot Binding?
I'm assuming you installed this on a Redhat type system. The chroot package
sets up BIND to run in a chroot environment where the new filesystem root
It's not 'required' -- but considered by many a good security practice in case
a vulnerability is found that allows the hacker to use named to examine/change
your filesystem -- with chroot active they would be very limited.
The server can function just fine in a non chroot environment, BUT -- if you've
already installed the RPMs and named is starting fine and servicing requests,
you may just want to leave it alone. Removing the chroot package can sometimes
cause problems where old symlinks remain and things get very confusing.
Hope this helps.
More information about the bind-users