configure bind in chroot jail
Fred Morris
m3047 at m3047.net
Fri Aug 1 15:00:56 UTC 2025
To add to what Greg says..
On Fri, 1 Aug 2025, Greg Choules via bind-users wrote:
>
> I would suggest that, if you are really worried about losing control of a
> process, or it being used for remote access to your machine, or
> something (are either of these why you think you need chroot?) you should
> either/both run BIND in a VM or take a good look at your server and network
> security.
KVM virtualization is pretty much out of the box. Docker isn't hard. Since
you are running on Linux, are you aware that systemd has its own kind of
containerization which builds on features of the modern Linux kernel? Take
a look at systemd-nspawn. (man systemd-nspawn) I don't have a playbook for
you, unfortunately.
--
Fred Morris, internet plumber
More information about the bind-users
mailing list