Re: These 'roots' are bugging me.

To: debian-security@lists.debian.org
Subject: Re: These 'roots' are bugging me.
From: Christoph Moench-Tegeder <ry04@rz.uni-karlsruhe.de>
Date: Thu, 31 Jan 2002 01:05:47 +0100
Message-id: <[🔎] 20020131010547.G29657@rz-ewok.rz.uni-karlsruhe.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 02013005312800.00736@NodeFilter>; from linuxbox@telusplanet.net on Wed, Jan 30, 2002 at 05:31:28AM -0700
References: <[🔎] 20020123233814.A7815@linux.wku.edu> <[🔎] 3C581BE7.7060709@iitedge.com> <[🔎] 02013005312800.00736@NodeFilter>

## Stefan Srdic (linuxbox@telusplanet.net):

> Remember to statically compile BIND if your going to place it in a chroot 
> jail,

You may also put the Debian Bind 8.2.3 (8.2.3-0.potato) in a chroot.
Be sure to have the following files in your chroot:
dev/null
etc/bind/named.conf
etc/localtime
etc/group a single line: "named:x:GID:"
etc/ld.so.cache generated with ldconfig
lib/ld-2.1.3.so
lib/libc-2.1.3.so
lib/ld-linux.so.2 symlinked to ld-2.1.3.so
lib/libc.so.6 symlinked to libc-2.1.3.so
sbin/ldconfig may be deleted after setting up the chroot
sbin/named-xfer if you do XFER
var/run/

Have syslogd listen on $CHROOT/dev/log, too.
You may want to have directorys for keeping logs and zonefiles.
If you are receiving XFER, named must be able to write the zonefiles.
Remeber correcting the paths in named.conf.

All these were taken from the mentioned HOWTO at LDP, but it just worked
fine. All my BINDs (sounds great, but there are only five bored
DNS-caches) are running chrooted.

Regards,
cmt

-- 
Spare Space

Reply to:

References:
- /bin/passwd as shell
  - From: Rob VanFleet <rvf@linux.wku.edu>
- These 'roots' are bugging me.
  - From: Dave Kline <dave@iitedge.com>
- Re: These 'roots' are bugging me.
  - From: Stefan Srdic <linuxbox@telusplanet.net>

Prev by Date: Re: These 'roots' are bugging me.
Next by Date: logging facility
Previous by thread: Re: These 'roots' are bugging me.
Next by thread: how to create MD5 passwords
Index(es):
- Date
- Thread