Florian schrieb:
> Hello list,
>
> i configured my tsl 3.0.5 for ipv6 support and installed the tsl
> bind-packages.
> bind-libs-9.3.4-3tr
> bind-9.3.4-3tr
> bind-utils-9.3.4-3tr
>
> I have more ip-v6-adresses on my interface and want to bind the named on
> a certain address like :
> /etc/named.conf
> -------------------
> listen-on-v6 {
> ::1;
> 2001:470:1f00:484::2;
> };
> -------------------
> #
>
> It seems, that bind doesn't bind with port 53 to a single ip-v6-address.
> Is this a known issue? I can't find anything about it in the isc-doku or
> in google. Does anyone know a way to bind named:53 to a single ipv6-address?
>
> Thanks, Florian
>
> _______________________________________________
> tsl-discuss mailing list
> [email protected]
> http://lists.trustix.org/mailman/listinfo/tsl-discuss
>
>
>
Hi,
i posted the same message to the bind-users list and got the following hint:
"Configure your chroot environment to have a /proc. That
way named can check each of the IPv6 addresses in
/proc/net/if_inet6 against the listen-on-v6 acl."
So i changed the named start-skript /etc/init.d/named
-----------------------------------------------
setupjail() {
....
if [ "${NETWORKING_IPV6}" = "yes" ]
then
mkdir -p ${JAIL_BASE}/proc/net
touch ${JAIL_BASE}/proc/net/if_inet6
chmod -R 555 ${JAIL_BASE}/proc
chmod 444 ${JAIL_BASE}/proc/net/if_inet6
mount --bind /proc/net/if_inet6
${JAIL_BASE}/proc/net/if_inet6
fi
...
closejail() {
...
umount -f ${JAIL_BASE}/proc/net/if_inet6 2>/dev/null
rm -rf ${JAIL_BASE}/proc 2>/dev/null
#btw. deleting /dev is missing in the script too
rm -rf ${JAIL_BASE}/dev 2>/dev/null
...
-------------------------------------------------
restarting bind and - it works!
Is it possible to get this change into the tsl-bind-package?
Bye, Florian
_______________________________________________
tsl-discuss mailing list
[email protected]
http://lists.trustix.org/mailman/listinfo/tsl-discuss
