Description of problem: Starting an IPA-configured bind with bind-chroot installed (the anaconda default) results in the error message: failed to load driver ldap.so : libldap-2.4.so.2 : cannot open shared object file : no such file or directory Uninstalling bind-chroot fixes it. We need to either configure bind to work in the chroot with the ldap backend or document that this does not work and warn users at install time. Version-Release number of selected component (if applicable): bind-9.7.0-9.P1.fc13.x86_64 bind-dyndb-ldap-0.1.0-0.8.a1.20091210git.fc13.x86_64
https://fedorahosted.org/freeipa/ticket/126
I think it is safe to say we weill not address this issue, as we are adding even more complexity to the bind plugin and setting up a chroot really has little to no benefit and instead requires a lot of work. For better security in the future ccontainers may become available, if any effort on better containerization will be afforded will be in that direction anyway. Closed upstream ticket already.