Hi all, Firstly sorry if this has been covered earlier. I could not find any informaiton previously posted. Im trying to find out info on chrooting both named bind and postfix. on suse 8 I notice that both services have a chroot sysconfig variable which has been set to yes but there appears to be no actual call to the chroot binary. I have tried this using dhcpd which works a treat with the process list clearly showing that the daemon is running under a chroot env etc this does not occur for both named and postfix. Any ideas thanks Brett Stevens
Hi, actually you only have to set "POSTFIX_CHROOT=yes and POSTFIX_UPDATE_CHROOT_JAIL=yes in /etc/sysconfig/postfix if you´re running Suse > 8.0. Remember to copy the files that are needed to your /etc/postfix/-directory as soon as you have make som changes! Go to the latter and do a ls -ltra to find out what the system did copy to the "new" chrooted directory: main.cf etc resoilv.conf var and so on.. good luck with it! lars
Hi all, Firstly sorry if this has been covered earlier. I could not find any informaiton previously posted. Im trying to find out info on chrooting both named bind and postfix. on suse 8 I notice that both services have a chroot sysconfig variable which has been set to yes but there appears to be no actual call to the chroot binary. I have tried this using dhcpd which works a treat with the process list clearly showing that the daemon is running under a chroot env etc this does not occur for both named and postfix. Any ideas
thanks
Brett Stevens
* Brett Stevens wrote on Wed, Jan 29, 2003 at 15:39 +1100:
been set to yes but there appears to be no actual call to the chroot binary.
I know for bind and it's reasonable for postfix to have the chroot call code built-in, so there is no need to call a mini program like /bin/chroot. lars gave tips already, I would like to append: make sure you have a /chroot/dev/log accepted by syslog, otherwise lights turn off :) oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
lars gave tips already, I would like to append: make sure you have a /chroot/dev/log accepted by syslog, otherwise lights turn off :) Steffen
that´s smart, and worth to be mentioned ;-) greetings -- http://www.ruebenschweine.de Try also: www.warzenpower.de +++ www.lars-und-sandra.de +++ www.r100rt.de Diese email wurde automatisch generiert, Sie können deshalb nicht darauf antworten; webmaster@warzenpower.de
Hi! On Wed, 29 Jan 2003, Brett Stevens wrote:
Im trying to find out info on chrooting both named bind and postfix. on suse 8 I notice that both services have a chroot sysconfig variable which has been set to yes but there appears to be no actual call to the chroot binary. I have tried this using dhcpd which works a treat with the process list clearly showing that the daemon is running under a chroot env etc this does not occur for both named and postfix.
How do you make ps display a process' root directory? The man page is *a little* terse regarding the output options... I use the following: (You must run this as root, for some reason.) # lsof -c named | grep -w rtd named 17511 root rtd DIR 3,6 4096 96240 /chroot/named named 17512 root rtd DIR 3,6 4096 96240 /chroot/named named 17513 root rtd DIR 3,6 4096 96240 /chroot/named named 17514 root rtd DIR 3,6 4096 96240 /chroot/named named 17515 root rtd DIR 3,6 4096 96240 /chroot/named So, named is clearly chrooted on this box... Martin
participants (4)
-
Brett Stevens -
lars -
Martin Köhling -
Steffen Dettmer