On 6/26/21 7:27 PM, ToddAndMargo via users wrote:
On 6/25/21 12:24 AM, Tim via users wrote:
> On Thu, 2021-06-24 at 21:04 -0700, ToddAndMargo via users wrote:
>> I am trying to clean up my bind-chroot forward and reverse files.
>>
>> The goal is to have bind-chroot do its thing by duplicating
>> these two files over into
>> /var/named/chroot/var/named/slaves/
>> with the identical inodes like it does with named.root and
>> named.root.key:
>
> Hang on... If you're wanting it to bring things from outside of the
> chroot into it, what's the point of chrooting? You're breaking the
> jail by doing that.
>
> The old approach was you created all the files in the chroot, where
> bind-chroot makes use of them. And, you have a link outside of the
> chroot into it, so that *you* can edit /etc/named.something without
> thinking about it. But, ultimately, you shouldn't need any files
> outside of the chroot, at all. And there's probably some advantage in
> just having one set (less confusing for you, at the very least).
>
Hi Tim,
Bind-chroot uses "mount --bind". It is not occurring
on my zone files.
For a good explanation, see
https://bugzilla.redhat.com/show_bug.cgi?id=1972022#c3
-T
I have moved my zone files to /var/named.
Mount bind still does not get them. I had to
manually copy them over.
zone "abc.local" {
    type master;
    # file "/var/named/chroot/var/named/abc.hosts";
    file "abc.hosts";
    allow-update { key DHCP_UPDATER; };
    # allow-update { 127.0.0.1; };
};
zone "255.168.192.in-addr.arpa" {
    type master;
    # file "/var/named/chroot/var/named/abc.hosts.rev";
    file "abc.hosts.rev";
    allow-update { key DHCP_UPDATER; };
    # allow-update { 127.0.0.1; };
};
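
Added example, not part of the original messages: a shell check that reads the active `file "..."` directives from a zone configuration and reports whether each zone file inside the chroot is the same inode as the one outside (as a bind mount would give), a separate copy, or missing. The function names and the paths in the usage comment are assumptions.

```sh
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.

# Print the file names from active (uncommented) `file "..."` directives.
zone_files() {
    sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# Succeed when both paths exist and resolve to the same device:inode pair.
# A bind-mounted file reports the same pair as its source; a copy does not.
same_inode() {
    [ -e "$1" ] && [ -e "$2" ] &&
        [ "$(stat -Lc '%d:%i' "$1")" = "$(stat -Lc '%d:%i' "$2")" ]
}

# check_chroot_zones CONF SRC_DIR JAIL_DIR
# Prints "<file> shared|copy|missing" for each relative zone file and
# returns the number of files that are not shared with the chroot.
check_chroot_zones() {
    conf=$1 src=$2 jail=$3 bad=0
    for f in $(zone_files "$conf"); do
        case $f in
            /*) echo "$f skipped-absolute"; continue ;;
        esac
        if [ ! -e "$jail/$f" ]; then
            state=missing
        elif same_inode "$src/$f" "$jail/$f"; then
            state=shared
        else
            state=copy
        fi
        echo "$f $state"
        [ "$state" = shared ] || bad=$((bad + 1))
    done
    return "$bad"
}

# Usage (paths assumed from the thread's layout):
# check_chroot_zones /etc/named.conf /var/named /var/named/chroot/var/named
```

A result of `copy` means edits to the file outside the chroot will not reach the instance named actually serves, and dynamic updates written inside the chroot will not appear outside it.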