On 7.3.2016 13:27, Jan Cholasta wrote: > Hi, > > On 7.3.2016 12:47, Martin Babinsky wrote: >> https://fedorahosted.org/freeipa/ticket/5696 > > Shouldn't we rather fix IPA to work with bind running in chroot (which is > AFAIK considered good security practice)?
I would not invest into it: http://www.freeipa.org/page/Howto/FreeIPA_with_integrated_BIND_inside_chroot#NOTE:_Chroot_should_not_be_considered_a_security_feature -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code