Disable Named in chroot and remove chroot partition

Recent versions of BIND recommend a chroot environment for better security. Red Hat, the most widely used Linux distribution, ships a package called ‘bind-chroot’ for chrooting BIND. By default, the BIND (named) daemon runs in a chroot environment.

Users who want to run ‘named’ the old-fashioned way can do so by disabling the chroot environment: comment out the directive ‘ROOTDIR=/var/named/chroot’ in the file ‘/etc/sysconfig/named’ and then restart the ‘named’ service.

df -h
yum -y remove bind-chroot
nano /etc/sysconfig/named

Then remove or comment out any line that looks like ROOTDIR="/var/named/chroot".

chown named:named /etc/named.conf
df -h
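
The sysconfig edit described above can be scripted and verified instead of being made by hand in nano. This is an added example, not part of the original post; the function names (active_rootdir, disable_chroot, named_root) and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post); the sample data below is constructed.

# Print the active (uncommented) ROOTDIR value; prints nothing when no chroot is set.
active_rootdir() {
    # The last assignment wins, as it does when the init script sources the file.
    sed -n 's/^[[:space:]]*ROOTDIR=\([^#[:space:]]*\).*/\1/p' "$1" | tail -n 1 | tr -d "\"'"
}

# Comment out every active ROOTDIR line. Idempotent; keeps the original as <file>.bak.
disable_chroot() {
    conf=$1
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 2; }
    [ -n "$(active_rootdir "$conf")" ] || return 0   # nothing to do
    cp -p "$conf" "$conf.bak" || return 1
    tmp=$(mktemp) || return 1
    # Write back through cat so the file keeps its owner, mode and SELinux label.
    sed 's/^\([[:space:]]*\)\(ROOTDIR=\)/\1#\2/' "$conf" > "$tmp" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# After restarting named: print the root directory the running daemon really has.
# "/" means it is not chrooted. Needs root privileges and Linux /proc.
named_root() {
    pid=$(pidof named 2>/dev/null | awk '{print $1}')
    [ -n "$pid" ] && readlink "/proc/$pid/root"
}

# Demo on a constructed sample file (not a real system file).
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# BIND named process options' \
        'OPTIONS="-4"' \
        '  ROOTDIR="/var/named/chroot"  # set by bind-chroot' > "$dir/named"
    echo "before: $(active_rootdir "$dir/named")"
    disable_chroot "$dir/named"
    echo "after:  $(active_rootdir "$dir/named")"
    rm -rf "$dir"
}

demo
```

On a real host, call disable_chroot /etc/sysconfig/named as root, restart named, and run named_root to confirm the daemon's root is "/".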
