On 28/06/2021 06:40, ToddAndMargo via users wrote:
> On 6/26/21 7:27 PM, ToddAndMargo via users wrote:
>> On 6/25/21 12:24 AM, Tim via users wrote:
>>> On Thu, 2021-06-24 at 21:04 -0700, ToddAndMargo via users wrote:
>>>> I am trying to clean up my bind-chroot forward and reverse files.
>>>>
>>>> The goal is to have bind-chroot do its thing by duplicating
>>>> these two files over into
>>>> /var/named/chroot/var/named/slaves/
>>>> with the identical inodes like it does with named.root and
>>>> named.root.key:
>>>
>>> Hang on... If you're wanting it to bring things from outside of the
>>> chroot into it, what's the point of chrooting? You're breaking the
>>> jail by doing that.
>>>
>>> The old approach was you created all the files in the chroot, where
>>> bind-chroot makes use of them. And, you have a link outside of the
>>> chroot into it, so that *you* can edit /etc/named.something without
>>> thinking about it. But, ultimately, you shouldn't need any files
>>> outside of the chroot, at all. And there's probably some advantage in
>>> just having one set (less confusing for you, at the very least).
>>>
>>
>> Hi Tim,
>>
>> Bind-chroot uses "mount --bind". It is not occurring
>> on my zone files.
>>
>> For a good explanation, see
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
>>
>> -T
>
>
> I have moved my zone files to /var/named
>
> Mount bind still does not get them. I had to
> manually copy them over.
>
>
> zone "abc.local" {
>     type master;
>     # file "/var/named/chroot/var/named/abc.hosts";
>     file "abc.hosts";
>     allow-update { key DHCP_UPDATER; };
>     # allow-update { 127.0.0.1; };
> };
>
> zone "255.168.192.in-addr.arpa" {
>     type master;
>     # file "/var/named/chroot/var/named/abc.hosts.rev";
>     file "abc.hosts.rev";
>     allow-update { key DHCP_UPDATER; };
>     # allow-update { 127.0.0.1; };
> };
>
>
You may want to start "clean".
First stop named-chroot and start the named server to make sure it
doesn't produce errors.
If that checks OK, then stop named.
Then do
    rpm -e --nodeps bind-chroot
    rm -rf /var/named/chroot
    dnf install bind-chroot
Then, without moving any files or doing anything, start named-chroot.
FYI, I just did the above procedure on my test system without trouble.
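
An added example, not part of the thread or of the bind-chroot package: a shell check for the symptom discussed above, where zone files in /var/named are not the same files (same inode) as the ones named sees under /var/named/chroot/var/named. The function name and the status words are assumptions of this example.

```shell
#!/bin/sh
# Added example: report how each file under SRC_DIR appears inside the chroot.
# Usage (paths and file names as used in the thread):
#   chroot_file_status /var/named /var/named/chroot/var/named \
#       named.root abc.hosts abc.hosts.rev
# Prints "<file> <status>" per file, where status is:
#   shared    both paths resolve to the same device and inode
#             (what a working "mount --bind" gives you)
#   copy      present on both sides but as separate files; dynamic
#             updates written inside the chroot will not reach SRC_DIR
#   missing   not visible inside the chroot at all
#   nosource  not present in SRC_DIR
chroot_file_status() {
    src=$1
    jail=$2
    shift 2
    for f in "$@"; do
        if [ ! -e "$src/$f" ]; then
            echo "$f nosource"
        elif [ ! -e "$jail/$f" ]; then
            echo "$f missing"
        elif [ "$src/$f" -ef "$jail/$f" ]; then
            # -ef is true when both names refer to the same device and inode
            echo "$f shared"
        else
            echo "$f copy"
        fi
    done
}
```

A "copy" result for a zone with allow-update enabled means the two files will drift apart as soon as the first dynamic update is journaled.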