Well the easy fix would seem to be to create /var/named/chroot/usr/etc and put the rndc file(s) there. The whole point of chroot is to make the chrooted directory seem to be "/" from the standpoint of the chrooted application.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Buxton Sent: Tuesday, September 02, 2008 10:58 PM To: Bind-Users users Subject: Re: BIND 9.3.5-P1 update corrupted no longer in chroot -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sep 2, 2008, at 7:49 PM, Robert Spangler wrote: > On Tuesday 02 September 2008 17:43, Chris Buxton wrote: > >> No, that's not quite it. >> >> The problem here is that rndc is looking for the key in /usr/etc. >> Which tells me that the build that created rndc was './configure'd >> with '--prefix=/usr' and no '--sysconfdir'. > > In the chroot environment named cannot look outside the chroot > environment. > So no matter what, all the information that named and rndc are > looking for > have to be under /var/named/chroot. Right, but rndc is not chrooted. It's looking in /usr/etc, as indicated by the error message. To extrapolate, it seems reasonable to assume that named is looking in /var/named/chroot/usr/etc for its named.conf, by default, although of course this can be overridden on the command line (or in the init script). Chris Buxton Professional Services Men & Mice -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAki9/TkACgkQ0p/8Jp6Boi1ZyQCfTJXh6vxM/onAM6zgRrWvw1JZ K+0AnA1z2yV1p7T4kE6qBYzph2FcMq7H =wDxY -----END PGP SIGNATURE----- ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ----------------------------------
