RE: named in sandbox
You need to compile named-xfer as statically linked, or move it's dependant libraries into the chroot. Can't remember the details of how I did that, and I don't use named any more - but that's your problem. hope that helps. m/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Muhammad Reza Sent: Thursday, May 20, 2004 10:02 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: named in sandbox dear All, I running named in sandbox as a secondary name server with FreeBSD-5.1.p17, Named log always complain: named-xfer exited with signal 6 and slave zone expired for every zone transfer. but, when it's running on default mode (no chroot sandbox) or as a primary server (with chroot sandbox). named work fine. please help me , how to make secondary zone transfer running in sandbox regards reza ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: named in sandbox
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Muhammad Reza I running named in sandbox as a secondary name server with FreeBSD-5.1.p17, Named log always complain: named-xfer exited with signal 6 and slave zone expired for every zone transfer. On Thu, May 20, 2004 at 11:02:46PM -0700, Mitch (bitblock) wrote: You need to compile named-xfer as statically linked, or move it's dependant libraries into the chroot. Or switch to the BIND9 port which doesn't have a separate named-xfer executable -- the functionality is all rolled into the named binary, and that you don't have to copy into the chroot area in order to run chrooted. Look at this article for some pointers: http://othyro.freeshell.org/bind.html However, remember that's written netbsd-centrically, and you'll have to adapt the instructions for use under FreeBSD -- use ports instead of pkgsrc, and you'll need to investigate what to do to make devfs(8) create the requited device nodes under the chroot, rather than using mknod. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpv0x0vcfRWj.pgp Description: PGP signature
Re: named in sandbox
On Fri, 2004-05-21 at 13:16, Matthew Seaman wrote: However, remember that's written netbsd-centrically, and you'll have to adapt the instructions for use under FreeBSD -- use ports instead of pkgsrc, and you'll need to investigate what to do to make devfs(8) create the requited device nodes under the chroot, rather than using mknod. You can simply symlink the device nodes: guardian# ls -la /var/chroot/named/dev/ total 4 drwxr-xr-x 2 bind bind 512 Mar 3 11:21 . drwx-- 5 bind bind 512 Mar 3 11:18 .. lrwxr-xr-x 1 root bind9 Mar 3 11:21 null - /dev/null lrwxr-xr-x 1 root bind 11 Mar 3 11:21 random - /dev/random lrwxr-xr-x 1 root bind9 Mar 3 11:21 zero - /dev/zero Cheers, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. signature.asc Description: This is a digitally signed message part