RE: named in sandbox

From: Mitch (bitblock) (mitch_at_bitblock.com)
Date: 05/21/04

Next message: Marco Molteni: "Re: 802.1x, HOSTAP, station association notifications"

Previous message: Dmitri Denissov: "RE: protecting netgraph calls from outside of the network context"
In reply to: Muhammad Reza: "named in sandbox"
Next in thread: Matthew Seaman: "Re: named in sandbox"
Reply: Matthew Seaman: "Re: named in sandbox"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "Muhammad Reza" <reza@mra.co.id>, freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Date: Thu, 20 May 2004 23:02:46 -0700

You need to compile named-xfer as statically linked, or move it's dependant
libraries into the chroot.

Can't remember the details of how I did that, and I don't use named any
more - but that's your problem.

hope that helps.

> -----Original Message-----
> From: owner-freebsd-net@freebsd.org
> [mailto:owner-freebsd-net@freebsd.org]On Behalf Of Muhammad Reza
> Sent: Thursday, May 20, 2004 10:02 PM
> To: freebsd-net@freebsd.org; freebsd-questions@freebsd.org
> Subject: named in sandbox
>
>
> dear All,
>
> I running named in sandbox as a secondary name server with
> FreeBSD-5.1.p17,
> Named log always complain:
> named-xfer exited with signal 6 and slave zone expired for every zone
> transfer.
> but, when it's running on default mode (no chroot sandbox) or as a
> primary server (with chroot sandbox). named work fine.
> please help me , how to make secondary zone transfer running in sandbox
>
> regards
> reza
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Next message: Marco Molteni: "Re: 802.1x, HOSTAP, station association notifications"

Previous message: Dmitri Denissov: "RE: protecting netgraph calls from outside of the network context"
In reply to: Muhammad Reza: "named in sandbox"
Next in thread: Matthew Seaman: "Re: named in sandbox"
Reply: Matthew Seaman: "Re: named in sandbox"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

RE: named in sandbox
... You need to compile named-xfer as statically linked, ... libraries into the chroot. ... > Subject: named in sandbox ... > named-xfer exited with signal 6 and slave zone expired for every zone ...
(freebsd-questions)
Re: /var/named Changes Ownership to Root on Boot
... In freebsd-questions Digest, Vol 207, Issue 18, Message: ... You can run bind in a sandbox as the ... documentation says and have it chroot but if you do, ...
(freebsd-questions)
Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind
... > as user flags it would be trivial to have it the defaultt. ... created in the chroot environment. ... only functionality you lose is the ability to bind new interfaces while ... > run bind in a sandbox at this point, ...
(FreeBSD-Security)
Re: named in sandbox
... > You need to compile named-xfer as statically linked, ... > libraries into the chroot. ... Or switch to the BIND9 port which doesn't have a separate named-xfer ...
(freebsd-net)
Re: named in sandbox
... > You need to compile named-xfer as statically linked, ... > libraries into the chroot. ... Or switch to the BIND9 port which doesn't have a separate named-xfer ...
(freebsd-questions)