Bug 23246

Summary: RFE - support initscripts options, chroot hooks
Product: [Retired] Red Hat Linux Reporter: Pekka Savola <pekkas>
Component: bindAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED RAWHIDE QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1CC: dr, herrold
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-01-04 13:46:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
init.d/named patch to be more options/chroot friendly none

Description Pekka Savola 2001-01-03 20:38:42 UTC 
As per testers-list ideas and discussions, I propose /etc/sysconfig/named which could
contain something like:

OPTIONS=-t
ROOTDIR=/chroot/bind/

The default would be to named with OPTIONS=, ROOTDIR=.

init.d/named could be patched as attached (${ROOTDIR}xxx might use some work).

Add /usr/sbin/populate-named-chroot and we have a system ready to be chrooted in a 
jiffy, no pain.

Red Hat could be the first distribution to distribute bind with chroot hooks in place ;-)
Comment 1 Pekka Savola 2001-01-03 20:39:47 UTC 
Created attachment 7003 [details]
init.d/named patch to be more options/chroot friendly
Comment 2 Pekka Savola 2001-01-03 20:41:16 UTC 
Disclaimer: Not really tested.
Comment 3 R P Herrold 2001-01-04 02:13:43 UTC 
As a matter of coding defensively, PLEASE place options variables as
shown inside double quotes, thus:

OPTIONS=" -t "

... with the /etc/sysconfig/network-scripts/ifcfg-eth0:1 aliases,
omitting the quotes confused the updated initscript in 6.0 or 6.1 for
/etc/rc.d/init.d/network ... It would have avoided much pain ...
Comment 4 Bernhard Rosenkraenzer 2001-01-04 14:15:05 UTC 
Done in 9.1.0-0.b1.1
The attached patch is quite broken, but a modified form thereof works, thanks.
Comment 5 Pekka Savola 2001-01-04 14:24:26 UTC 
Now that I think about this.. if you want to rndc.conf to reside inside chroot,
you probably must
pass ROOTDIR to rndc with -c (configuration file)
Comment 6 Bernhard Rosenkraenzer 2001-01-04 14:29:40 UTC 
Having rndc.conf residing in the chroot structure is not a good idea.
rndc.conf contains secret keys; if someone manages to break into the system over
bind, he shouldn't have access to this file.
He won't if it's outside the chroot jail.
Comment 7 Daniel Roesen 2001-01-04 14:33:45 UTC 
Uhm... btw... is Florence planned to come with bind9 only, or will bind8 still
be provided (hopefully as default)?