BIND in chroot


 
# 1  
Old 09-13-2012

Hi all,
I'm trying to start named in a chroot environment manually, but I'm getting the following error:
Code:
bash-3.00# cat /etc/release
                     Solaris 10 6/06 s10s_u2wos_09a SPARC
           Copyright 2006 Sun Microsystems, Inc.  All Rights Reserved.
                        Use is subject to license terms.
                             Assembled 09 June 2006

Code:
bash-3.00# uname -a
SunOS mail 5.10 Generic_127111-05 sun4u sparc SUNW,Sun-Fire-880

Code:
bash-3.00# named -v
BIND 9.3.4-P1

Code:
bash-3.00# /usr/sbin/named -c /var/named/etc/named.conf -t /var/named -u named -f -g
named: config filename (-c /var/named/etc/named.conf) contains chroot path (-t /var/named)
13-Sep-2012 12:07:12.328 starting BIND 9.3.4-P1 -c /var/named/etc/named.conf -t /var/named -u named -f -g
13-Sep-2012 12:07:12.328 found 4 CPUs, using 4 worker threads
13-Sep-2012 12:07:12.338 loading configuration from '/var/named/etc/named.conf'
13-Sep-2012 12:07:12.339 none:0: open: /var/named/etc/named.conf: file not found
13-Sep-2012 12:07:12.340 loading configuration: file not found
13-Sep-2012 12:07:12.340 exiting (due to fatal error)

What is the cause of the above error? Any idea would be a great help.

Here are the named.conf contents:

Code:
bash-3.00# cat   /var/named/etc/named.conf

options {
  directory "/var/named";
  // version statement - inhibited for security
  // (avoids hacking any known weaknesses)      
  version "get lost";
  // optional - disables all transfers 
  // slaves allowed in zone clauses
  allow-transfer {"none";};
  // Closed DNS - permits only local IPs to issue recursive queries 
  // remove if an Open DNS required to support all users 
  // or add additional ranges 
  allow-recursion { 192.168.0.0/16; 172.16.0.0/16;};
};
//
// log to /var/log/named/example.log all events from 
// info UP in severity (no debug)
// defaults to use 3 files in rotation
// BIND 8.x logging MUST COME FIRST in this file
// BIND 9.x parses the whole file before using the log
// failure messages up to this point are in (syslog) 
// typically /var/log/messages
//
logging {
  channel example_log {
    file "/var/named/var/log/example.log" versions 3 size 2m;
    severity info;
    print-severity yes;
    print-time yes;
    print-category yes;
  };
  category default {
    example_log;
  };
};
// required zone for recursive queries
zone "." {
  type hint;
  file "named.root";
};
// required local host domain
//zone "localhost" in{
//  type master;
//  file "master.localhost";
//  allow-update{none;};
//};
// localhost reverse map
//zone "0.0.127.in-addr.arpa" in{
//  type master;
//  file "localhost.rev";
//  allow-update{none;};
//};


Last edited by h@foorsa.biz; 09-13-2012 at 07:27 AM..
# 2  
Old 09-13-2012
Unless I missed something really important -

The standard uses /etc/named/named.conf. This has been the case for a long time. You cannot have the conf file inside your chroot jail because it compromises security.

Yours is inside the -t /var/named chroot.
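
Added example, not part of the thread: named chroots into the `-t` directory before it reads its configuration, so the `-c` value and every absolute path in named.conf are looked up relative to the jail, which is what the "contains chroot path" warning and the "file not found" line in the log above reflect. The script below resolves those paths back to host locations; `host_path`, `check_jail` and the temporary directory tree are hypothetical names and constructed sample data.

```shell
#!/bin/sh
# Added example: resolve named's -c argument and the absolute paths in
# named.conf the way they are seen after chroot() into the -t directory.

# host_path JAIL PATH -> location on the host of PATH as seen inside JAIL
host_path() { printf '%s/%s\n' "${1%/}" "${2#/}"; }

# check_jail JAIL CONF: CONF is the -c value exactly as passed to named.
# Returns 2 if the config is unreachable, 1 if a path inside it is, else 0.
check_jail() {
    jail=${1%/}
    conf_host=$(host_path "$jail" "$2")
    if [ ! -f "$conf_host" ]; then
        echo "config: named would open $conf_host (not found)"
        case $2 in "$jail"/*) rel=${2#"$jail"}; echo "hint: pass -c $rel" ;; esac
        return 2
    fi
    # Absolute paths in directory/file statements are jail-relative too.
    # Log files may not exist yet, so for "file" only the parent is checked.
    missing=$(awk -F'"' '$1 ~ /^[ \t]*(directory|file)[ \t]*$/ && $2 ~ /^\// {
                  gsub(/[ \t]/, "", $1); print $1, $2 }' "$conf_host" |
        while read -r kind p; do
            h=$(host_path "$jail" "$p")
            [ "$kind" = file ] && h=$(dirname "$h")
            [ -d "$h" ] || echo "$kind \"$p\": $h missing on host"
        done)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed demo tree (not the poster's system): same layout as the thread.
demo() {
    t=$(mktemp -d) && j=$t/var/named && mkdir -p "$j/etc" "$j/var/log"
    printf '%s\n' 'options {' '  directory "/var/named";' '};' \
        'logging { channel example_log {' \
        '   file "/var/named/var/log/example.log" versions 3 size 2m;' \
        '}; };' > "$j/etc/named.conf"
    check_jail "$j" "$j/etc/named.conf" && a=0 || a=$?  # -c includes chroot path
    check_jail "$j" /etc/named.conf && b=0 || b=$?      # -c relative to the jail
    rm -rf "$t"
    echo "exit codes: $a $b"
}
demo
```

In the constructed tree the first call fails on the config path itself, and the second finds the config but reports that `directory` and the log `file` still carry the jail prefix.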