susetremor.com
Date: Tue Sep 28 2004 - 13:16:15 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oh and I should have added that both named and dhcpd should have the
chroot jail under the same folder, like this:

/jail
 -dhcpd
 -named

so you have /jail/dhcpd and /jail/named and their chroot should be /jail.
I doubt you can have down as far as /jail/dhcpd and /jail/named, as they
won't be able to up one level then down to the other side.

> Your issue is that dhcpd is running as the user dhcpd but the permissions
> on the test.it directory (and I'm assuming the files as well) do not have
> the correct permissions for dhcpd to update it.
>
> If you "chmod 775 test.it" and "chmod 664" the files inside that folder,
> then make the user dhcpd part of the named group, you should be good.
>
>
>> Hi,
>> I wanna configure dhcpd and named in chroot jail for security reason.
>> Dhcpd and named work well but dhcpd does not update named and in the
>> log
>> files i have nothing that help me to understand the problem.
>> I use suse professional 9.1.
>> I read the document in /usr/share/doc/packages/bind but i do not know
>> where is the problem.
>> Could you help me ?
>> Best regards,
>> Cristian Del Carlo.
>
>>
>> 5) /etc/sysconfig/dhcpd
>> DHCPD_INTERFACE="eth0"
>> DHCPD_RUN_CHROOTED="yes"
>> DHCPD_CONF_INCLUDE_FILES="/etc/named.keys"
>> DHCPD_RUN_AS="dhcpd"
>> DHCPD_OTHER_ARGS=""
>> DHCPD_BINARY=""
>>
>> 6) ls -al /var/lib/named
>> drwxr-xr-x 2 named named 4096 Sep 28 18:54 test.it
>
>
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-helpsuse.com
> Security-related bug reports go to securitysuse.de, not here
>
>

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]