On 28/06/2021 09:44, Ed Greshko wrote:
> On 28/06/2021 09:39, ToddAndMargo via users wrote:
>> On 6/27/21 5:34 PM, Ed Greshko wrote:
>>> On 28/06/2021 06:40, ToddAndMargo via users wrote:
>>>> On 6/26/21 7:27 PM, ToddAndMargo via users wrote:
>>>>> On 6/25/21 12:24 AM, Tim via users wrote:
>>>>>> On Thu, 2021-06-24 at 21:04 -0700, ToddAndMargo via users wrote:
>>>>>>> I am trying to clean up my bind-chroot forward and reverse files.
>>>>>>>
>>>>>>> The goal is to have bind-chroot do its thing by duplicating
>>>>>>> these two files over into
>>>>>>> /var/named/chroot/var/named/slaves/
>>>>>>> with the identical inodes like it does with named.root and
>>>>>>> named.root.key:
>>>>>>
>>>>>> Hang on... If you're wanting it to bring things from outside of the
>>>>>> chroot into it, what's the point of chrooting? You're breaking the
>>>>>> jail by doing that.
>>>>>>
>>>>>> The old approach was you created all the files in the chroot, where
>>>>>> bind-chroot makes use of them. And, you have a link outside of the
>>>>>> chroot into it, so that *you* can edit /etc/named.something without
>>>>>> thinking about it. But, ultimately, you shouldn't need any files
>>>>>> outside of the chroot, at all. And there's probably some advantage in
>>>>>> just having one set (less confusing for you, at the very least).
>>>>>>
>>>>>
>>>>> Hi Tim,
>>>>>
>>>>> Bind-chroot uses "mount --bind". It is not occurring
>>>>> on my zone files.
>>>>>
>>>>> For a good explanation, see
>>>>>
>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
>>>>>
>>>>> -T
>>>>
>>>>
>>>> I have moved my zone files to /var/named
>>>>
>>>> Mount bind still does not get them. I had to
>>>> manually copy them over.
>>>>
>>>>
>>>> zone "abc.local" {
>>>> type master;
>>>> # file "/var/named/chroot/var/named/abc.hosts";
>>>> file "abc.hosts";
>>>> allow-update { key DHCP_UPDATER; };
>>>> # allow-update { 127.0.0.1; };
>>>> };
>>>>
>>>> zone "255.168.192.in-addr.arpa" {
>>>> type master;
>>>> # file "/var/named/chroot/var/named/abc.hosts.rev";
>>>> file "abc.hosts.rev";
>>>> allow-update { key DHCP_UPDATER; };
>>>> # allow-update { 127.0.0.1; };
>>>> };
>>>>
>>>>
>>>
>>> You may want to start "clean".
>>>
>>> First stop named-chroot and start the named server to make sure it
>>> doesn't produce errors.
>>> If that checks OK, then stop named.
>>>
>>> Then do
>>>
>>> rpm -e --nodeps bind-chroot
>>> rm -rf /var/named/chroot
>>> dnf install bind-chroot
>>>
>>> Then, without moving any files or doing anything, start named-chroot
>>>
>>> FYI, I just did the above procedure on my test system without trouble.
>>
>> Did it do a mount --bind on your zone files?
>>
>
> Of course......
and....
[root@f33k ~]# ls -i /var/named/chroot/var/named/slaves/ /var/named/slaves/
/var/named/chroot/var/named/slaves/:
2415417 greshko.com.zone
/var/named/slaves/:
2415417 greshko.com.zone
>
Can I talk you out of a?
# stat /var/named/slaves/ | grep Inode
# stat /var/named/chroot/var/named/slaves/ | grep Inode
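
Added example, not part of any message in the thread: a small script that does the inode comparison discussed above for any number of paths, reporting whether each one inside the chroot is the same object as on the host (bind mounted), a separate copy, or missing. It compares device and inode together, since inode numbers alone can coincide across filesystems; the function names are hypothetical, `stat -c` assumes GNU coreutils, and `/var/named/chroot` is the chroot root from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): classify how host paths appear inside
# a chroot tree. Function names are hypothetical; stat -c needs GNU coreutils.

# Print "device:inode" for a path, or nothing if the path does not exist.
dev_inode() {
    stat -c '%d:%i' -- "$1" 2>/dev/null || true
}

# classify_path ROOT PATH
# PATH is an absolute host path; ROOT is the chroot root directory.
# Prints one of:
#   same    - ROOT/PATH and PATH are the same object (bind mount or hard link)
#   copy    - both exist but are different objects (e.g. copied by hand)
#   missing - absent on the host or inside the chroot
classify_path() {
    root=$1
    path=$2
    host_id=$(dev_inode "$path")
    jail_id=$(dev_inode "$root$path")
    if [ -z "$host_id" ] || [ -z "$jail_id" ]; then
        echo missing
    elif [ "$host_id" = "$jail_id" ]; then
        echo same
    else
        echo copy
    fi
}

# report ROOT PATH...
# One line per path: classification, then the host path.
report() {
    root_dir=$1
    shift
    for p in "$@"; do
        printf '%-8s %s\n' "$(classify_path "$root_dir" "$p")" "$p"
    done
}

# When run with arguments, check them against the chroot root from the thread,
# e.g.: sh check.sh /var/named/slaves /var/named/abc.hosts
if [ "$#" -gt 0 ]; then
    report /var/named/chroot "$@"
fi
```

A result of `copy` for a zone file means edits on one side will not show up on the other, which is the situation described after the manual copy.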