[Dshield] Re: chroot BIND

Rémi Cohen-Scali Remi at Cohen-Scali.com
Fri Nov 15 19:10:06 GMT 2002

>But your still need to setup the 'jail' (/directory/to/jail) to
>contain all the necessary files, as named will not be able to
>access any files outside of the jail. At a minimum, these are the
>config files and /dev/null. You will also need the libraries (unless
>you compile static) and a couple extra things, like /dev/random for
>the secure dns/tsig stuff.
You should also copy all rndc stuff in order to continu to be able to 
control named (/etc/rndc.conf & /etc/rndc.key)

More information about the list mailing list