Date: Tue, 28 Sep 2004 03:03:46 -0700 (PDT) From: Doug Barton <DougB@FreeBSD.org> To: freebsd-current@freebsd.org Subject: HEADS UP: named now runs chroot'ed by default Message-ID: <20040928025635.Q5094@ync.qbhto.arg>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Folks,
I just committed a named "auto-chroot" system that will allow named to
run chroot'ed by default. If you have an existing named configuration in
/etc/namedb, the instructions for updating it are in src/UPDATING. If
you are already chroot'ing named, especially if you are using /var/named
as the chroot directory, you should back everything up before upgrading
and proceed with caution. :)
For those that don't have a named configuration, all you should have to
do is 'rm -r /etc/namedb' and you'll be fine.
Comments and suggestions are welcome, but please try to keep the
bikeshedding about specific bits down to an absolute minimum. The
directory structure and related options worked very well on hundreds of
name servers on a very busy enterprise network, so I have a high degree
of confidence that the defaults are sensible. That said, I am open to
genuine improvements, and dialogue on optional bits.
Enjoy,
Doug
- --
This .signature sanitized for your protection
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFBWTcFyIakK9Wy8PsRAi14AJoDDYBsGVHXWDcg36/5OO9JWPuJ0ACdGxWK
E/Hbv5xATjskcJRLLY9G3hQ=
=EcKj
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040928025635.Q5094>