Please install bind9 in a chroot
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| bind9 (Ubuntu) |
Triaged
|
Wishlist
|
Unassigned | ||
Bug Description
Binary package hint: bind9
Bind doesn't have the best track record for security and doesn't really access anything outside of itself. Is there any chance for getting it to install into a chroot environment?
Steps to make this possible:
vi /etc/default/bind9 and change OPTIONS to
OPTIONS="-u bind -t /var/spool/bind9"
mkdir -p /var/spool/
mkdir /var/spool/
mkdir -p /var/spool/
mkdir -p /var/spool/
mv /etc/bind /var/spool/
ln -s /var/spool/
mknod /var/spool/
mknod /var/spool/
chmod 666 /var/spool/
chown -R bind:bind /var/spool/
chown -R bind:bind /var/spool/
You also need to make a small change to syslog (this is the tricky bit for automating....)
vi /etc/init.
SYSLOGD="-u syslog -a /var/lib/
| Changed in bind9: | |
| importance: | Undecided → Wishlist |
| status: | New → Triaged |
| LaMont Jones (lamont) wrote | #1 |
| summary: |
- Installing bind9 in a chroot + Please install bind9 in a chroot |
| Christian Ehrhardt (paelzer) wrote | #2 |
Unfortunately, if bind9 were to modify /etc/init.