Date: Sun, 16 Feb 2003 03:09:46 +0100
From: marius@alchemy.franken.de
To: Doug Barton
Cc: Alexander Leidinger, current@FreeBSD.org, Mike Makonnen
Subject: Re: named & chroot & rcNG & devfs
Message-ID: <20030216030946.A93454@newtrinity.zeist.de>

On Sat, Feb 15, 2003 at 05:09:19PM -0800, Doug Barton wrote:
> On Tue, 11 Feb 2003 marius@alchemy.franken.de wrote:
>
> > /etc/rc.d/named is quite bogus, especially when it comes to running bind
> > chrooted.
>
> Correct. I'm working on an improved method of dealing with this.

great!

> > E.g. /dev/null isn't needed by bind8 at all
>
> Incorrect. /dev/null is needed for bind 8. /dev/null and /dev/random are
> needed for bind 9. Depending on what you're doing, /dev/random is probably
> a good idea for bind 8 as well.

hrm, i thought to have checked properly when i set up the chroots. may
this have changed throughout version 8? anyway, they still run happily
without /dev/null.

> > On the other hand shared libraries are needed (or a port that
> > supports linking bind statically...)
>
> cd /usr/ports/net/bind[89]
> make clean
> make CFLAGS+=-static -DPORT_REPLACES_BASE_BIND8
> make install
>

i don't like ports installing to locations of base system binaries, i.e.
/usr/sbin etc., and in the case of bind i don't see a reason why the port
should be installed in place of the base bind only to get copied over to
the chroot. wouldn't it be fine if the bind ports would support
'-DPORT_INSTALL_CHROOT' or something only installing static binaries
directly to the chroot?
on the other hand /etc/rc.d/named probably should also support running
chrooted with the base bind which would either require copying the
required libs or a statically linked base bind...

well, i'm looking forward to your improved version.