named + chroot

Vibol Hou vibol at khmer.cc
Fri May 7 03:26:19 UTC 2004 

I hardlinked the files because I figure the rh config tools access the 
main etc-based files rather than the chrooted files when making changes. 
  Hardlinking simplifies the process of not having to copy those two 
files to the chroot, but I don't believe a chroot environment mandates 
unique files.

The original problem I had, however, was installing the bind-chroot 
package broke bind (at least it did for me).  It didn't automatically 
copy (or hardlink) the /etc/named.conf and /etc/rndc.key files over to 
the chroot environment automatically.

Thanks for your insight.  I'm curious to know if your rndc.key went 
missing or if it wasn't copied properly in the first place.

-Vibol

David Kramer wrote:
> I guess Im confused as to why you would hardlink those files versus dropping
> them directly into your chroot environment.  I was always told for a pure
> chroot environment that you MUST place all dependent files within the
> chroot.  I've been running a public DNS for quite some time like that
> without issues(KNOCK ON WOOD...)  At one point I think I was missing my
> rndc.key reference within my named.conf file, once I corrected the path and
> had that file within my chroot/etc/dir I was good to go.  Let me know if you
> need more help with this.
> 
> DK
> 
> 
> 
> 
>>-----Original Message-----
>>From: fedora-test-list-bounces at redhat.com
>>[mailto:fedora-test-list-bounces at redhat.com]On Behalf Of Vibol Hou
>>Sent: Thursday, May 06, 2004 4:49 PM
>>To: fedora-test-list at redhat.com
>>Subject: named + chroot
>>
>>
>>I initially installed the bind package alone and then I installed
>>bind-chroot and caching-nameserver.  This caused rndc to start giving
>>errors which I traced back to bind-chroot not containing the appropriate
>>named.conf and rndc.key files;  to resolve this, I hardlinked the
>>/var/named/chroot/etc/named.conf file to /etc/named.conf and
>>/var/named/chroot/etc/rndc.key to /etc/rndc.key.
>>
>>Has anyone else experienced this problem?
>>
>>-Vibol
>>
>>
>>--
>>fedora-test-list mailing list
>>fedora-test-list at redhat.com
>>To unsubscribe:
>>http://www.redhat.com/mailman/listinfo/fedora-test-list
>>
> 
> 
> 
>

More information about the test mailing list