Re: Chrooted packages, where to put them?
On Wed, 24 May 2000, Marco d'Itri wrote:
> On May 23, Marek Habersack <grendel@vip.net.pl> wrote:
>
> > I'm building for mysle a chrooted bind package. It's gonna be used locally
> >only, but I want it to conform to the Debian Policy Manual/FHS as much as it
> >is possible. My first idea was to put the chroot tree in /usr/local, but
> It's a system dependent choice, there is currently no FHS policy
> regarding chroots.
>
> (BTW, I'm considering writing a tool which automatically maintains and
> updates chroot environments, I think more of our daemons should be
> chrooted. It's a shame our BIND package even runs as root.)
I would have to agree with this... bind should not be running as root,
and would be best if it was run in a chroot jail. I set it up here and it was
not a very complex process, perhaps once I get more experiance I'll try and do
something to better automate the process.
Stephen
Reply to: