On 28/06/2021 09:39, ToddAndMargo via users wrote:
> On 6/27/21 5:34 PM, Ed Greshko wrote:
>> On 28/06/2021 06:40, ToddAndMargo via users wrote:
>>> On 6/26/21 7:27 PM, ToddAndMargo via users wrote:
>>>> On 6/25/21 12:24 AM, Tim via users wrote:
>>>>> On Thu, 2021-06-24 at 21:04 -0700, ToddAndMargo via users wrote:
>>>>>> I am trying to clean up my bind-chroot forward and reverse
>>>>>> files.
>>>>>
>>>>>> The goal is to have bind-chroot do its thing by duplicating
>>>>>> these two files over into
>>>>>> /var/named/chroot/var/named/slaves/
>>>>>> with the identical inodes like it does with named.root and
>>>>>> named.root.key:
>>>>
>>>>> Hang on... If you're wanting it to bring things from outside of the
>>>>> chroot into it, what's the point of chrooting? You're breaking the
>>>>> jail by doing that.
>>>>
>>>>> The old approach was you created all the files in the chroot, where
>>>>> bind-chroot makes use of them. And, you have a link outside of the
>>>>> chroot into it, so that *you* can edit /etc/named.something without
>>>>> thinking about it. But, ultimately, you shouldn't need any files
>>>>> outside of the chroot, at all. And there's probably some advantage in
>>>>> just having one set (less confusing for you, at the very least).
>>>>
>>>
>>>> Hi Tim,
>>>
>>>> Bind-chroot uses "mount --bind". It is not occurring
>>>> on my zone files.
>>>
>>>> For a good explanation, see
>>>
>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
>>>
>>>> -T
>>
>>
>>> I have moved my zone files to /var/named
>>
>>> Mount bind still does not get them. I had to
>>> manually copy them over.
>>
>>
>>> zone "abc.local" {
>>> type master;
>>> # file "/var/named/chroot/var/named/abc.hosts";
>>> file "abc.hosts";
>>> allow-update { key DHCP_UPDATER; };
>>> # allow-update { 127.0.0.1; };
>>> };
>>
>>> zone "255.168.192.in-addr.arpa" {
>>> type master;
>>> # file "/var/named/chroot/var/named/abc.hosts.rev";
>>> file "abc.hosts.rev";
>>> allow-update { key DHCP_UPDATER; };
>>> # allow-update { 127.0.0.1; };
>>> };
>>
>>
>
>> You may want to start "clean".
>
>> First stop named-chroot and start the named server to make sure it doesn't produce errors.
>> If that checks OK, then stop named.
>
>> Then do
>
>> rpm -e --nodeps bind-chroot
>> rm -rf /var/named/chroot
>> dnf install bind-chroot
>
>> Then, without moving any files or doing anything, start named-chroot
>
>> FYI, I just did the above procedure on my test system without trouble.
> Did it do a mount --bind on your zone files?
Of course......
and....
[root@f33k ~]# ls -i /var/named/chroot/var/named/slaves/ /var/named/slaves/
/var/named/chroot/var/named/slaves/:
2415417 greshko.com.zone
/var/named/slaves/:
2415417 greshko.com.zone
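
The inode comparison done above with `ls -i`, generalized to a whole directory, as an added example that is not part of the original thread: a shell function that flags files inside the chroot that are separate copies or missing rather than the same file. The function name `check_bind_dir` and its output labels are made up here, and it assumes a `test` builtin that supports `-ef`.

```shell
#!/bin/sh
# Added example (not from the thread). Reports, for every regular file in a
# source directory, whether the file of the same name inside the chroot is
# the SAME file (same device and inode, which is what a working
# "mount --bind" gives and what "ls -i" shows), a separate COPY, or MISSING.
# Note: a hard link also counts as SAME; the check proves "one file, two
# paths", not which mechanism produced it.

# check_bind_dir SRC_DIR CHROOT_DIR
# Returns 0 only if every regular file in SRC_DIR is the same file as its
# counterpart in CHROOT_DIR. Not recursive: call it once per directory.
check_bind_dir() {
    src=$1
    jail=$2
    rc=0
    for f in "$src"/*; do
        [ -f "$f" ] || continue        # skip subdirectories and an unmatched glob
        name=${f##*/}
        if [ ! -e "$jail/$name" ]; then
            echo "MISSING  $name"
            rc=1
        elif [ "$f" -ef "$jail/$name" ]; then
            echo "SAME     $name"
        else
            echo "COPY     $name"      # manually copied: edits will diverge
            rc=1
        fi
    done
    return $rc
}

# Usage with the paths from this thread (run as root while named-chroot is up):
#   check_bind_dir /var/named        /var/named/chroot/var/named
#   check_bind_dir /var/named/slaves /var/named/chroot/var/named/slaves
```

A `COPY` line is the situation described earlier in the thread, where the zone files had to be copied into the chroot by hand and the two paths are separate files that can diverge.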