BIND config tool + How do I select between chroot and no chroot?

BIND config tool + How do I select between chroot and no chroot?

Post by Ramon F Herrer » Sat, 17 Jul 2010 01:57:30



I am having problems setting up a (very basic) DNS server in my new
RedHat Linux box. I have found some references to a BIND Configuration
Tool, which is nowhere to be found.

I would like to start with a simple configuration, without the chroot
jail.

 - How do I turn off chroot?

 - Where can I find some sort of BIND Configuration Tool?

TIA,

-Ramon

 
 
 

BIND config tool + How do I select between chroot and no chroot?

Post by Keith Kelle » Sat, 17 Jul 2010 02:18:35



Quote:

> I am having problems setting up a (very basic) DNS server in my new
> RedHat Linux box. I have found some references to a BIND Configuration
> Tool, which is nowhere to be found.

> I would like to start with a simple configuration, without the chroot
> jail.

>  - How do I turn off chroot?

Don't run named with -t.

Quote:>  - Where can I find some sort of BIND Configuration Tool?

Use system-config-bind; if your system doesn't have it you should be
able to get it via yum, RHN or similar.

--keith

--

(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

 
 
 

BIND config tool + How do I select between chroot and no chroot?

Post by Ramon F Herrer » Sat, 17 Jul 2010 02:40:07





> > I am having problems setting up a (very basic) DNS server in my new
> > RedHat Linux box. I have found some references to a BIND Configuration
> > Tool, which is nowhere to be found.

> > I would like to start with a simple configuration, without the chroot
> > jail.

 > > ?- How do I turn off chroot?
 >
 > Don't run named with -t.

Thanks, Keith!

I normally start/stop named like this:

/etc/rc.d/init/named

I looked at that script and was trying to figure out how to remove the
chroot operation. I guess I can always start named manually, without
the -t.

I did find system-config-bind. It was hidden in one of my CD-ROMs.

Thanks again,

-Ramon

 
 
 

BIND config tool + How do I select between chroot and no chroot?

Post by Keith Kelle » Sat, 17 Jul 2010 03:18:05



Quote:> /etc/rc.d/init/named

> I looked at that script and was trying to figure out how to remove the
> chroot operation. I guess I can always start named manually, without
> the -t.

> I did find system-config-bind. It was hidden in one of my CD-ROMs.

You should use system-config-bind to configure named; there is likely an
option to not run in a chroot.  (Or you may find that you don't need to
turn off chroot.)

If there is no way to do this in system-config-bind, then I believe (but
please don't see me as authoritative) that you can add

ROOTDIR=''

to /etc/sysconfig/named to not run in a chroot.  (Or if ROOTDIR already
exists there, change it to ''.)

--keith

--

(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

 
 
 

BIND config tool + How do I select between chroot and no chroot?

Post by Ramon F Herrer » Sat, 17 Jul 2010 03:30:47





> > /etc/rc.d/init/named

> > I looked at that script and was trying to figure out how to remove the
> > chroot operation. I guess I can always start named manually, without
> > the -t.

> > I did find system-config-bind. It was hidden in one of my CD-ROMs.

 > You should use system-config-bind to configure named;

You can say that again...

Quote:> there is likely an option to not run in a chroot.
> (Or you may find that you don't need to turn off chroot.)

This was the case. I have my basic server up and running: such a piece
of cake, when you have a nice GUI.

I have another question, in a separate thread...

Thx,

-Ramon

 
 
 

1. chroot+Apache: possible to place logfiles outside chroot cell?

Hi there,

I was wondering whether there is a way to place the apache logfiles
outside of a chroot cell, so that they aren't accessible to some
creative
soul, who gained access to the chroot cell. (running Linux 2.2.6)

The ErrorLog directive already has the facility to pass the errors to
syslogd (which can bind to several /dev/log so that it can pick up
messages
in the chroot cell and place them in /var/log/messages), but what about
the other
log files?

Any ideas?

thanx

Dorothea

2. (no subject)

3. Running chroot applications in a chroot environment

4. !!! urgent !!! can't access my linux RH7.1 machine

5. BIND chroot

6. Can I upgrade X? (using 3.1.1 server with 3.1 install)

7. chroot && mount -o bind && security

8. Two JNI cards and two topology on the same system

9. BIND and chroot, again

10. BIND 9.1 chroot on FreeBSD 4.3

11. chroot jail for sendmail + bind

12. Chroot and Bind

13. BIND in a Sandbox (chroot)