[BlueOnyx:11621] BX BIND files

George F. Nemeyer tigerwolf at tigerden.com
Fri Oct 26 20:15:48 -05 2012


I've just spent several days trying to fathom the files and locations for
BIND under the BX/RedHat 'chroot jail' scheme.

Where some files are seems to vary according to the RH/Fedora
distribution... some want to put the usual database entries for BIND
( /etc/named/<db.hosts> ) into the /var/named/ directory instead.

So under the chroot jail scheme, those directories become instead:

        /var/named/chroot/etc/named/<db.hosts>
                   ***
or

        /var/named/chroot/var/named/<db.hosts>
                   ***

What's even WORSE, is that installing the RedHat repository
'caching-nameserver' package *CHANGES* the directory locations specified
in the basic BX/RH BIND package /etc/named.conf for db files and moves
things around!!!!!  So it seems to work for a time until something pokes
the CCE.  Then the BX CCE overwrites with the directory *IT* wants...and
that breaks everything!  I was literally tearing out what little hair I
have left over this!

I'd really love to see a list of what BX *really* expects in terms of

        - all BIND nameserver related files
        - files that the BX CCE wants/writes/changes
        - owner and group for the files
        - full paths/directories for all the files
        - permissions for directories and files
        - anything else that might bite back

The reason is, I want to compile an experimental rate-limiting version
of bind to mitigate the DNS reflector attacks mentioned in another thread.
For BX boxes, I'd like to be sure something's not going to break because
of things the CCE expects or does/redoes.

=^_^=  Tigerwolf


