Date: Fri, 20 Dec 2002 08:57:19 -0500 (EST)
From: Dan Pelleg <daniel+bsd@pelleg.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: conf/46401: [PATCH] /etc/rc.d/named doesn't create chroot dirs
Message-ID: <20021220135719.3EF84B627D@mail.pelleg.org>
>Number: 46401 >Category: conf >Synopsis: [PATCH] /etc/rc.d/named doesn't create chroot dirs >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Dec 20 06:00:15 PST 2002 >Closed-Date: >Last-Modified: >Originator: Dan Pelleg >Release: FreeBSD 5.0-RC i386 >Organization: >Environment: System: FreeBSD p 5.0-RC FreeBSD 5.0-RC #1: Sun Dec 8 08:28:28 EST 2002 d@p i386 >Description: 1. /etc/rc.d/named does not create necessary chroot directories 2. named_chroot is not set, so /etc/rc.subr does not start named in a sandbox NOTE: there is another problem with the pid file - the pidfile is set to /var/run/named/pid in named.conf (should be /var/run/named.pid) - I'll open another PR about that. >How-To-Repeat: Add to /etc/rc.conf: named_enable="YES" # Run named, the DNS server (or NO). named_program="/usr/sbin/named" # path to named, if you want a different one. named_flags="-u bind -g bind" # Flags for named named_chrootdir="/usr/j1/named" # Chroot directory (or "" not to auto-chroot it) named_chroot_autoupdate="YES" # Automatically install/update chrooted named_symlink_enable="YES" # Symlink /var/run/named.pid and /var/run/ndc named_rcng="YES" # XXX Temporary. Enable to use new rc mkdir /usr/j1/named (populate /usr/j1/named/etc with conf files) /etc/rc.d/named start >Fix: --- /etc/rc.d/named.orig Thu Dec 19 21:11:19 2002 +++ /etc/rc.d/named Fri Dec 20 06:55:05 2002 @@ -17,6 +17,7 @@ pidfile="/var/run/${name}.pid" start_precmd="named_precmd" required_dirs="$named_chrootdir" # if it is set, it must exist +named_chroot="$named_chrootdir" extra_commands="reload" case ${OSTYPE} in 
@@ -49,22 +50,22 @@ "${named_chrootdir}/usr/libexec/named-xfer" -ot \ /usr/libexec/named-xfer ]; then rm -f "${named_chrootdir}/usr/libexec/named-xfer" - cp -p /usr/libexec/named-xfer "${named_chrootdir}/usr/libexec" + /bin/pax -rw -pe /usr/libexec/named-xfer "${named_chrootdir}/" fi # Copy /dev/null over, if neccessary. Preserve everything (perms, # ownership, mod times). # if [ ! -c "${named_chrootdir}/dev/null" ]; then - rm -f "${named_chrootdir}/dev/null" - ( cd /dev ; /bin/pax -rw -pe null "${named_chrootdir}/dev" ) + rm -f "${named_chrootdir}/dev/null" + /bin/pax -rw -pe /dev/null "${named_chrootdir}/" fi # Copy local timezone information if it's not up-to-date. # if [ -f /etc/localtime ]; then cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \ - cp -p /etc/localtime "${named_chrootdir}/etc/localtime" + pax -rw -pe /etc/localtime "${named_chrootdir}/" fi } @@ -72,9 +73,11 @@ # make_symlinks() { - ln -fs "${named_chrootdir}/var/run/named.pid" /var/run/named.pid + if [ ! -d ${named_chrootdir}/var/run ]; then + mkdir -p "${named_chrootdir}/var/run" + fi + ln -fs "${named_chrootdir}${pidfile}" ${pidfile} ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc - } named_precmd() >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
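Review bot: In the first hunk (@@ -17,6 +17,7 @@), the new named_chroot="$named_chrootdir" line carries no comment, unlike the required_dirs line just above it, so the reason for keeping two variables with the same value is not recorded. A short comment saying that /etc/rc.subr reads named_chroot to start named chrooted would help. The rc.conf sample in the report documents named_chrootdir="" as the way to turn chrooting off, so it is worth confirming that an empty named_chroot is handled the same as an unset one.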
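Review bot: In the make_symlinks hunk (@@ -72,9 +73,11 @@), ${named_chrootdir} in the [ ! -d ... ] test and the ${pidfile} link name are unquoted while the neighbouring lines quote their paths; quote both. The if guard is redundant because mkdir -p already succeeds when the directory exists. The report's rc.conf runs named with -u bind -g bind, so also check that a var/run created here by the rc script has ownership and mode that let named write its pid file and ndc there.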