From owner-freebsd-stable  Thu Feb  1  9:26: 4 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from sdmail0.sd.bmarts.com (sdmail0.sd.bmarts.com [192.215.234.86])
	by hub.freebsd.org (Postfix) with SMTP id 380CC37B6A9
	for <stable@FreeBSD.ORG>; Thu,  1 Feb 2001 09:25:44 -0800 (PST)
Received: (qmail 23786 invoked by uid 1078); 1 Feb 2001 17:25:47 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 1 Feb 2001 17:25:47 -0000
Date: Thu, 1 Feb 2001 09:25:47 -0800 (PST)
From: Gordon Tetlow <gordont@bluemtn.net>
X-X-Sender:  <gordont@sdmail0.sd.bmarts.com>
To: Vivek Khera <khera@kciLink.com>
Cc: <stable@FreeBSD.ORG>
Subject: Re: chrooting bind
In-Reply-To: <14969.39780.805831.185241@onceler.kciLink.com>
Message-ID: <Pine.BSF.4.31.0102010924030.17707-100000@sdmail0.sd.bmarts.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, 1 Feb 2001, Vivek Khera wrote:

> Pretty much the only thing you have to do to run bind in chroot is to
> set the named_flags="-g bind -u bind" flags in /etc/rc.conf.  That's
> my understanding of it based on the FreeBSD docs.

Correct me if I'm wrong, but this is only a sandbox (run as a different
user) while this person wants to set up a true chroot environment.
Personally, I think that the former is adequete as nothing else on the box
is owned by the bind user.

-gordon



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message