HEADS UP: named now runs chroot'ed by default
Peter Schultz
pete at beforever.com
Tue Sep 28 06:59:31 PDT 2004
On Sep 28, 2004, at 5:03 AM, Doug Barton wrote:
> Folks,
>
> I just committed a named "auto-chroot" system that will allow named to
> run chroot'ed by default. If you have an existing named configuration
> in /etc/namedb, the instructions for updating it are in src/UPDATING.
> If you are already chroot'ing named, especially if you are using
> /var/named as the chroot directory, you should back everything up
> before upgrading and proceed with caution. :)
>
Why not do it FreeBSD style and auto-jail named?
Sincerely,
Pete...
> For those that don't have a named configuration, all you should have
> to do is 'rm -r /etc/namedb' and you'll be fine.
>
> Comments and suggestions are welcome, but please try to keep the
> bikeshedding about specific bits down to an absolute minimum. The
> directory structure and related options worked very well on hundreds
> of name servers on a very busy enterprise network, so I have a high
> degree of confidence that the defaults are sensible. That said, I am
> open to genuine improvements, and dialogue on optional bits.
>
> Enjoy,
>
> Doug
More information about the freebsd-current
mailing list