Differences

This shows you the differences between two versions of the page.

--- chrooted_dns [2007/01/03 12:10]
adam created
+++ chrooted_dns [2016/11/25 22:38] (current)
@@ Line 5: / Line 5: @@
 Run
-apt-get install bind9
+  apt-get install bind9
 For security reasons we want to run BIND chrooted so we have to do the following steps:
-/etc/init.d/bind9 stop
+  /etc/init.d/bind9 stop
-Edit the file /etc/default/bind9 so that the daemon will run as the unprivileged user bind, chrooted to /var/lib/named. Modify the line: OPTIONS=" -u bind" so that it reads OPTIONS="-u bind -t /var/lib/named":
+Edit the file ''/etc/default/bind9'' so that the daemon will run as the unprivileged user bind, chrooted to /var/lib/named.
-vi /etc/default/bind9
+Modify the line: ''OPTIONS=" -u bind"'' so that it reads ''OPTIONS="-u bind -t /var/lib/named"'':
-OPTIONS="-u bind -t /var/lib/named"
+  vi /etc/default/bind9
-# Set RESOLVCONF=no to not run resolvconf
-RESOLVCONF=yes
+  OPTIONS="-u bind -t /var/lib/named"
+  # Set RESOLVCONF=no to not run resolvconf
+  RESOLVCONF=yes
 Create the necessary directories under /var/lib:
-mkdir -p /var/lib/named/etc
+  mkdir -p /var/lib/named/etc
-mkdir /var/lib/named/dev
+  mkdir /var/lib/named/dev
-mkdir -p /var/lib/named/var/cache/bind
+  mkdir -p /var/lib/named/var/cache/bind
-mkdir -p /var/lib/named/var/run/bind/run
+  mkdir -p /var/lib/named/var/run/bind/run
 Then move the config directory from /etc to /var/lib/named/etc:
-mv /etc/bind /var/lib/named/etc
+  mv /etc/bind /var/lib/named/etc
 Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):
-ln -s /var/lib/named/etc/bind /etc/bind
+  ln -s /var/lib/named/etc/bind /etc/bind
 Make null and random devices, and fix permissions of the directories:
-mknod /var/lib/named/dev/null c 1 3
+  mknod /var/lib/named/dev/null c 1 3
-mknod /var/lib/named/dev/random c 1 8
+  mknod /var/lib/named/dev/random c 1 8
-chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
+  chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
-chown -R bind:bind /var/lib/named/var/*
+  chown -R bind:bind /var/lib/named/var/*
-chown -R bind:bind /var/lib/named/etc/bind
+  chown -R bind:bind /var/lib/named/etc/bind
-We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get important messages logged to the system logs. Modify the line: SYSLOGD="-u syslog" so that it reads: SYSLOGD="-u syslog -a /var/lib/named/dev/log":
+We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get important messages logged to the system logs. Modify the line: ''SYSLOGD="-u syslog"'' so that it reads: ''SYSLOGD="-u syslog -a /var/lib/named/dev/log"'':
-vi /etc/init.d/sysklogd
+  vi /etc/init.d/sysklogd
 [...]
-SYSLOGD="-u syslog -a /var/lib/named/dev/log"
+  SYSLOGD="-u syslog -a /var/lib/named/dev/log"
 [...]
 Restart the logging daemon:
-/etc/init.d/sysklogd restart
+  /etc/init.d/sysklogd restart
 Start up BIND, and check /var/log/syslog for errors:
-/etc/init.d/bind9 start
+  /etc/init.d/bind9 start

Adam Sweet's Wiki

User Tools

Site Tools

Differences

Page Tools