Re: Problems chrooting BIND 9.2.2 in a Solaris 8 box

From: Ricardo J. Ulisses Filho (ricardoj_at_hotlink.com.br)
Date: 03/13/04

    To: GARCIA CABALLERO Jordi <Jordi.GARCIA@oami.eu.int>, security-basics@securityfocus.com, focus-sun@securityfocus.com
    Date: Sat, 13 Mar 2004 14:08:03 -0300
    
    

    Hi,

    It appears that named is trying to look for its hosts files in /dns/etc,
    since this should be the specified directory in named.conf.
    Probably this directory (/export/home/dns/dns/etc) does not exist.

    Have you tried to do the chroot directly from named, by its -t flag?
    AFAIK, BIND 9.2.2 provides the ability to chroot itself, after it processes
    all the command line arguments, with the -t flag.

    Instead of
    # /usr/sbin/chroot /export/home/dns /usr/local/sbin/named -u named

    Try
    # /usr/local/sbin/named -u named -t /export/home/dns

    Cheers,

    -- 
    Ricardo J. Ulisses Filho
    _____________________________
    rico@hotlink.com.br
    Systems Administrator
    HOTlink Internet

    On Thursday 11 March 2004 15:02, GARCIA CABALLERO Jordi wrote:
    > Hi,
    >
    > Chrooting BIND 9.2.2 in a Solaris 8 02/2002 box, I get this weird error
    > when running named in the jail:
    >
    > # /usr/sbin/chroot /export/home/dns /usr/local/sbin/named -u named
    >
    > What I see from the console
    >
    > Mar 11 18:26:15 oasv020 named[11788]: /etc/named.conf:16: change directory
    > to '/dns/etc' failed: file not found
    > Mar 11 18:26:15 oasv020 named[11788]: /etc/named.conf:16: parsing failed
    > Mar 11 18:26:15 oasv020 named[11788]: loading configuration: file not found
    > Mar 11 18:26:15 oasv020 named[11788]: exiting (due to fatal error)
    >
    > It is like the chroot command does not work properly since it tries to access
    > the /etc chrooted directory that really points to /export/home/dns/etc
    > directory.
    >
    > It is not the first time that I have chrooted the BIND service. A couple of
    > years ago, I chrooted BIND 8.2.2-P5 on a Solaris 8 box, following this
    > document from Sean Boran and I did not get any problem.
    >
    > http://www.securityfocus.com/archive/attachment/66802/2/
    >
    > Any ideas ?
    >
    > Regards,
    >
    > > Jordi Garcia
    > > Unix LSA - Office * AE4/1A-1.053
    > >
    > > OFFICE FOR HARMONIZATION IN THE INTERNAL MARKET
    > > Information Technologies and Facilities Department
    > > « Production and Telecommunication » Service
    > > Servers, Databases and Applications Sector
    > >
    > > Avenida de Europa, 4 - AC 77 - E-03080 Alicante - SPAIN
    > >
    > > * +34 965 139 777
    > > * +34 965 139 614
    > > *  +34 629 284 187 (5777)
    > > *  Jordi.GARCIA@oami.eu.int
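
The "change directory to '/dns/etc' failed" error in the quoted log can be caught before starting named by resolving the `directory` option of named.conf against the jail root. The script below is an added example, not part of either message; the function names `named_conf_directory` and `check_named_jail` are hypothetical, the demo jail is constructed in a temporary directory, and it assumes the one-line form `directory "/path";` with an absolute path.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight check for a chrooted named.
# Assumption: named.conf uses the one-line form  directory "/path";

# Print the first directory "..." value found in a named.conf.
named_conf_directory() {
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)"[[:space:]]*;.*/\1/p' "$1" |
        head -n 1
}

# check_named_jail JAIL [CONF]
# CONF is the config path as named sees it from inside the jail.
# Returns 0 = ok, 1 = directory missing in jail, 2 = config missing in jail,
#         3 = relative directory (not checked).
check_named_jail() {
    jail=${1%/}
    conf=${2:-/etc/named.conf}
    if [ ! -f "$jail$conf" ]; then
        echo "config not found inside jail: $jail$conf"
        return 2
    fi
    dir=$(named_conf_directory "$jail$conf")
    if [ -z "$dir" ]; then
        echo "no directory option in $jail$conf"
        return 0
    fi
    case $dir in
        /*) ;;
        *) echo "directory \"$dir\" is relative, not checked"; return 3 ;;
    esac
    if [ -d "$jail$dir" ]; then
        echo "ok: directory \"$dir\" exists as $jail$dir"
        return 0
    fi
    echo "directory \"$dir\" is looked up as $jail$dir, which does not exist"
    return 1
}

# Constructed demo: a throwaway jail whose named.conf mirrors the thread's error.
demo=$(mktemp -d)
mkdir -p "$demo/etc"
printf 'options {\n\tdirectory "/dns/etc";\n};\n' > "$demo/etc/named.conf"
check_named_jail "$demo" || echo "exit status $?"   # fails: $demo/dns/etc is absent
mkdir -p "$demo/dns/etc"
check_named_jail "$demo"                            # passes once the path exists
rm -rf "$demo"
```

For the setup in the thread the call would be `check_named_jail /export/home/dns`, which tests for /export/home/dns/dns/etc.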
    
