A while ago, I blogged the chrooting of bind9 on Debian, so I wouldn't forget how to do it. Things have changed slightly for Lenny, so here's the update.
The assumption is, you've got an up-to-date Debian machine, running lenny. Then:
Install bind9 and its docs and utilities:

    # apt-get install bind9 bind9-doc dnsutils

It will probably autostart after install, so stop it before proceeding:

    # /etc/init.d/bind9 stop

Create your chroot. This requires a minimal file tree:

    # mkdir -p /var/chroot/bind9/{etc,dev,var/cache/bind,var/run/bind/run}
    # chown -R bind:bind /var/chroot/bind9/var/*

And some devices:

    # mknod /var/chroot/bind9/dev/null c 1 3
    # mknod /var/chroot/bind9/dev/random c 1 8
    # chmod 666 /var/chroot/bind9/dev/{null,random}

Start bind9 and make sure it works:

    # /etc/init.d/bind9 start
    Starting domain name service...: bind.
    # ps ax | grep [n]amed
    5397 ? Ssl 0:00 /usr/sbin/named -u bind -t /var/chroot/bind9
    # host localhost. 127.0.0.1
    localhost A 127.0.0.1
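
A way to audit the result, as an added example that is not part of the original post: the script checks the directories, the device numbers and modes, the ownership under var, and the -t flag on the running named. The function names are invented for this example, and it assumes GNU stat and find as shipped on Debian.

```shell
#!/bin/sh
# Added example: audit the bind9 chroot built by the steps in this post.
# All function names are invented here; assumes GNU stat/find (Debian).

# check_dirs ROOT: every directory from the mkdir step must exist.
check_dirs() {
    missing=0
    for d in etc dev var/cache/bind var/run/bind/run; do
        [ -d "$1/$d" ] || { echo "missing directory: $1/$d"; missing=1; }
    done
    return $missing
}

# check_dev PATH MAJOR MINOR: character device with these numbers, mode 666.
check_dev() {
    [ -c "$1" ] || { echo "not a character device: $1"; return 1; }
    # stat prints major (%t) and minor (%T) in hex, then the octal mode.
    set -- "$1" "$2" "$3" $(stat -c '%t %T %a' "$1")
    { [ "$((0x$4))" -eq "$2" ] && [ "$((0x$5))" -eq "$3" ]; } ||
        { echo "wrong device numbers on $1"; return 1; }
    [ "$6" = 666 ] || { echo "mode $6 on $1, expected 666"; return 1; }
}

# check_owner ROOT USER: everything below ROOT/var belongs to USER:USER.
check_owner() {
    bad=$(find "$1/var" -mindepth 1 \( ! -user "$2" -o ! -group "$2" \) 2>&1)
    [ -z "$bad" ] || { echo "not owned by $2:$2:"; echo "$bad"; return 1; }
}

# has_jail_flag ROOT: reads process command lines on stdin and succeeds
# if a named process was started with "-t ROOT".
has_jail_flag() {
    grep -Eq "(^|/)named( .*)? -t $1( |\$)"
}

# audit ROOT: run every check, report all failures, return non-zero on any.
audit() {
    rc=0
    check_dirs "$1" || rc=1
    check_dev "$1/dev/null" 1 3 || rc=1
    check_dev "$1/dev/random" 1 8 || rc=1
    check_owner "$1" bind || rc=1
    ps ax -o args= | has_jail_flag "$1" ||
        { echo "named is not running with -t $1"; rc=1; }
    return $rc
}

# Run as root: sh audit.sh --run [ROOT]
if [ "${1:-}" = --run ]; then audit "${2:-/var/chroot/bind9}"; fi
```
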
Now you're done with the chroot portion. Copy over your old named.conf.local and db.yourdomain-here files, and restart again.

Last edited Sun 01 Nov 2009 08:26:58 AM EST