
questions about chrooting bind 8.3.3



Hi, I have a question about chrooting bind 8.3.3 

I have used the setup as described in
http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
then start bind everything looks right, but when I do a lsof -p <pid of
named> I see:

command to start bind:

start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -g named -t /var/lib/chroot/named/

# lsof -p 22119
COMMAND   PID  USER   FD   TYPE     DEVICE    SIZE    NODE NAME
named   22119 named  cwd    DIR       8,22    4096  145479 /var/lib/chroot/named/var/cache/bind
named   22119 named  rtd    DIR       8,22    4096  145467 /var/lib/chroot/named
named   22119 named  txt    REG        8,6  512088  130880 /usr/sbin/named
named   22119 named  mem    REG        8,5   82503   30185 /lib/ld-2.2.5.so
named   22119 named  mem    REG        8,5 1145456   30223 /lib/libc-2.2.5.so
named   22119 named  mem    REG        8,5   32664   30232 /lib/libnss_files-2.2.5.so
named   22119 named    0u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   22119 named    1u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   22119 named    2u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   22119 named    3u  unix 0xe1086560         5375674 socket
named   22119 named    4u  IPv4    5375686             UDP *:32943
named   22119 named    5u  unix 0xd9d1ec40         5375676 /var/run/ndc
named   22119 named   20u  IPv4    5375680             UDP localhost:domain
named   22119 named   21u  IPv4    5375681             TCP localhost:domain (LISTEN)

and when I change the command to start bind to:

start-stop-daemon --chroot /var/lib/chroot/named/ --start --pidfile /var/run/named.pid --exec /usr/sbin/named -- -u named -g named

I see:
# lsof -p 23433
COMMAND   PID  USER   FD   TYPE     DEVICE    SIZE    NODE NAME
named   23433 named  cwd    DIR       8,22    4096  145479 /var/lib/chroot/named/var/cache/bind
named   23433 named  rtd    DIR       8,22    4096  145467 /var/lib/chroot/named
named   23433 named  txt    REG       8,22  512088  145502 /var/lib/chroot/named/usr/sbin/named
named   23433 named  mem    REG       8,22   82503  145501 /var/lib/chroot/named/lib/ld-linux.so.2
named   23433 named  mem    REG       8,22 1145456  145500 /var/lib/chroot/named/lib/libc.so.6
named   23433 named  mem    REG       8,22   32664  146115 /var/lib/chroot/named/lib/libnss_files.so.2
named   23433 named    0u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   23433 named    1u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   23433 named    2u   CHR        1,3          145480 /var/lib/chroot/named/dev/null
named   23433 named    3u  unix 0xef055a80         5239772 socket
named   23433 named    4u  IPv4    5239784             UDP *:32942
named   23433 named    5u  unix 0xeee6d140         5239774 /var/run/ndc
named   23433 named   20u  IPv4    5239778             UDP localhost:domain
named   23433 named   21u  IPv4    5239779             TCP localhost:domain (LISTEN)


Look at the difference in the libraries: as I can see, when I start named
as stated in the script, the libraries in the chrooted environment are
not used....

Am I wrong here?
-- 
J.J. van Gorkum                            Knowledge Zone
--
If UNIX isn't the solution, you've got the wrong problem.
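
The comparison made by eye in the message above, as an added example that is not part of the original post: it reads lsof -p output and reports every txt/mem mapping that does not lie below the process's rtd directory. The function names are hypothetical, and the sample data are entries copied from the two listings in the post with the wrapped lines rejoined.

```sh
#!/bin/sh
# Added example (not from the original post). Reads `lsof -p <pid>` output on
# stdin, one entry per line, and prints every executable (txt) or library (mem)
# mapping whose path is not below the process root directory (the rtd entry).
outside_root() {
    awk '
        $4 == "rtd" { root = $NF; sub(/\/+$/, "", root); seen = 1 }
        $4 == "txt" || $4 == "mem" { n++; fd[n] = $4; dev[n] = $6; path[n] = $NF }
        END {
            if (!seen) { print "no rtd entry in input" > "/dev/stderr"; exit 2 }
            for (i = 1; i <= n; i++)
                if (index(path[i], root "/") != 1)
                    printf "%s dev=%s %s\n", fd[i], dev[i], path[i]
        }'
}

# Sample input: entries from the first listing in the post (named -t ...).
sample_named_t() {
    cat <<'EOF'
COMMAND   PID  USER   FD   TYPE     DEVICE    SIZE    NODE NAME
named   22119 named  cwd    DIR       8,22    4096  145479 /var/lib/chroot/named/var/cache/bind
named   22119 named  rtd    DIR       8,22    4096  145467 /var/lib/chroot/named
named   22119 named  txt    REG        8,6  512088  130880 /usr/sbin/named
named   22119 named  mem    REG        8,5   82503   30185 /lib/ld-2.2.5.so
named   22119 named  mem    REG        8,5 1145456   30223 /lib/libc-2.2.5.so
named   22119 named  mem    REG        8,5   32664   30232 /lib/libnss_files-2.2.5.so
EOF
}

# Sample input: entries from the second listing (start-stop-daemon --chroot ...).
sample_ssd_chroot() {
    cat <<'EOF'
COMMAND   PID  USER   FD   TYPE     DEVICE    SIZE    NODE NAME
named   23433 named  cwd    DIR       8,22    4096  145479 /var/lib/chroot/named/var/cache/bind
named   23433 named  rtd    DIR       8,22    4096  145467 /var/lib/chroot/named
named   23433 named  txt    REG       8,22  512088  145502 /var/lib/chroot/named/usr/sbin/named
named   23433 named  mem    REG       8,22   82503  145501 /var/lib/chroot/named/lib/ld-linux.so.2
named   23433 named  mem    REG       8,22 1145456  145500 /var/lib/chroot/named/lib/libc.so.6
named   23433 named  mem    REG       8,22   32664  146115 /var/lib/chroot/named/lib/libnss_files.so.2
EOF
}

echo "named -t:";                   sample_named_t    | outside_root
echo "start-stop-daemon --chroot:"; sample_ssd_chroot | outside_root
```

On a live system the input would come from `lsof -p <pid of named> | outside_root`; lsof must print each entry on one line for the field positions to hold.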


