|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: chroot on solaris 10
From: Wietse Venema (wietse
porcupine.org)
Date: Thu Sep 02 2004 - 07:45:49 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Geoff Gibbs:
> > it -seems- that postfix is unable to resolve IPs when in jail under solaris
> 10.
> >
> > Can anyone help me pinpoint what I might be missing?
>
> If you're running Solaris 10, then it might be interesting to
> forget chroot and have a look at zones, which provide
> protected environments and are almost virtual machines.
>
> It should provide much better protection than chroot
> while providing a standard environment.
Beware.
A Solaris zone (FreeBSD jail, Linux Vserver) contains a standard
environment including set-uid commands, while the chroot environment
contains only the files needed by Postfix.
I would still use chroot. Zones would help to separate
process name spaces.
Wietse
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]