As per testers-list ideas and discussions, I propose /etc/sysconfig/named which could contain something like: OPTIONS=-t ROOTDIR=/chroot/bind/ The default would be to run named with OPTIONS=, ROOTDIR=. init.d/named could be patched as attached (${ROOTDIR}xxx might use some work). Add /usr/sbin/populate-named-chroot and we have a system ready to be chrooted in a jiffy, no pain. Red Hat could be the first distribution to distribute bind with chroot hooks in place ;-)
Created attachment 7003: init.d/named patch to be more options/chroot friendly
Disclaimer: Not really tested.
As a matter of coding defensively, PLEASE place options variables as shown inside double quotes, thus: OPTIONS=" -t " ... with the /etc/sysconfig/network-scripts/ifcfg-eth0:1 aliases, omitting the quotes confused the updated initscript in 6.0 or 6.1 for /etc/rc.d/init.d/network ... It would have avoided much pain ...
Done in 9.1.0-0.b1.1. The attached patch is quite broken, but a modified form thereof works, thanks.
Now that I think about this... if you want rndc.conf to reside inside the chroot, you probably must pass ROOTDIR to rndc with -c (configuration file).
Having rndc.conf residing in the chroot structure is not a good idea. rndc.conf contains secret keys; if someone manages to break into the system over bind, he shouldn't have access to this file. He won't if it's outside the chroot jail.
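The two points raised in this thread (quote the sysconfig values, keep rndc.conf outside the jail) can be checked in an init script along these lines. This is an added example, not the attached patch or Red Hat's initscript; the helper names `named_args` and `conf_outside_chroot` are hypothetical.

```shell
#!/bin/sh
# Added example: hypothetical helpers for an init.d/named-style script.
# A real script would first source /etc/sysconfig/named to get OPTIONS and ROOTDIR.

# Print the arguments for named, one per line, from OPTIONS ($1) and ROOTDIR ($2).
# ROOTDIR is always expanded inside double quotes so it stays a single word.
named_args() {
    options=$1
    rootdir=$2
    # OPTIONS is a flag list, so it is word-split on purpose; globbing is
    # switched off so a stray '*' in the file cannot expand to file names.
    set -f
    for opt in $options; do printf '%s\n' "$opt"; done
    set +f
    if [ -n "$rootdir" ]; then
        case $rootdir in
            /*) ;;
            *) echo "ROOTDIR must be an absolute path" >&2; return 1 ;;
        esac
        printf '%s\n' "-t" "$rootdir"
    fi
}

# Return 0 if the config file $1 lies outside the chroot tree $2,
# 1 if it is inside the jail, 2 if a directory cannot be resolved.
# The containing directory is resolved physically (cd -P), so a symlinked
# directory that leads into the jail is still detected.
conf_outside_chroot() {
    conf=$1
    rootdir=$2
    [ -n "$rootdir" ] || return 0          # no chroot configured
    conf_dir=$(cd -P -- "$(dirname -- "$conf")" 2>/dev/null && pwd -P) || return 2
    root_real=$(cd -P -- "$rootdir" 2>/dev/null && pwd -P) || return 2
    [ "$root_real" = / ] && return 1       # jail is the whole filesystem
    case "$conf_dir/" in
        "$root_real"/*) return 1 ;;        # rndc.conf is readable from the jail
    esac
    return 0
}
```

An init script could refuse to start named with `-t` when `conf_outside_chroot /etc/rndc.conf "$ROOTDIR"` fails.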
Uhm... btw... is Florence planned to come with bind9 only, or will bind8 still be provided (hopefully as default)?