Support of WKS records under chroot

Karatas Ozgur mueddib at
Mon Nov 14 15:05:41 UTC 2016

Dear Mensik;

I wish you the best of success, thanks for patch! I think; your patch uses place to chroot directory. Usually all patchs it is applied to chroot's directory.
For example:

+ named
+ dev
+ etc
+ var


Ozgur Karatas

14.11.2016, 16:27, "Petr Mensik" <pemensik at>:
> Hi everyone!
> I am a new maintainer of bind package under Fedora, I hope I will contribute with more valuable code later. But simple things first.
> Current BIND will not load WKS records in zones when running under chroot. named-checkzone will fail checking zone files containing WKS record. It will prevent bind from starting in chroot at all in default configuration.
> It is possible to load them, if I copy /lib{,64}/* and /etc/services and /etc/protocols. Also /etc/nsswitch.conf if default configuration is not good enough.
> I have found a simple workaround - to use getservbyname and/or getprotobyname calls before calling chroot call. It forces glibc library of linux to load /lib/ dynamically before it loses access to that file. An advantage is it should support any NSS library that do not need to open unix domain socket later. Of course I still have to make /etc/services and /etc/protocols accessible in chroot (or their *.db variants if db backend is used). But I do not have to make accessible executable code and that is what I want.
> I am satisfied with that solution. I am not sure, whether the place I have chosen it the best for it.
> Do you know better place than my patch uses? Or another simple way to make WKS records parseable under chroot?
> Cheers,
> --
> Petr Menšík
> Software Engineer
> Red Hat,
> email: pemensik at PGP: 65C6C973

More information about the bind-workers mailing list