** On May 24, Marco d'Itri scribbled: > On May 23, Marek Habersack <grendel@vip.net.pl> wrote: > > > I'm building for mysle a chrooted bind package. It's gonna be used locally > >only, but I want it to conform to the Debian Policy Manual/FHS as much as it > >is possible. My first idea was to put the chroot tree in /usr/local, but > It's a system dependent choice, there is currently no FHS policy > regarding chroots. Well, so I guess the only thing to do is to ask for the location of the chroot tree on the install time. But how a package can own directories that are created on the install time? > (BTW, I'm considering writing a tool which automatically maintains and > updates chroot environments, I think more of our daemons should be > chrooted. It's a shame our BIND package even runs as root.) I'm gonna make the modified package available as soon as it is tested. It will both create a special user as well as chroot the daemon. marek
Attachment:
pgp0iKbxee3aI.pgp
Description: PGP signature