Install BIND in a Chroot Jail
- Added extra logging options
- Fix the init script from the old version
- Move from /conf back to /etc/named
- Post scripts on pastebin
Old
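# Build BIND 9.6.1 from source and prepare a chroot jail for it under
# /var/chroot/named. Run with bash, as root, on a host that uses chkconfig.
# The vi steps at the end are interactive: the init script, named.conf and
# root.hint are written by hand.
#
# Optional environment:
#   BIND_SHA256  expected SHA-256 of the source tarball, obtained from a
#                source you trust; when set, a mismatch aborts before
#                anything is unpacked or built.
set -eu

jail=/var/chroot/named
bind_version=9.6.1
tarball="bind-${bind_version}.tar.gz"

# Everything below edits system accounts, device nodes and /usr/src.
if [ "$(id -u)" -ne 0 ]; then
  printf 'this script must be run as root\n' >&2
  exit 1
fi

# Setup our directories and users
mkdir -p "$jail"
# groupadd/useradd replace the hand-appended /etc/passwd and /etc/group lines:
# they reject duplicate names and ids and keep the shadow files in step.
# The getent guards make a second run a no-op instead of a duplicate entry.
getent group named >/dev/null || groupadd -g 200 named
getent passwd named >/dev/null ||
  useradd -u 200 -g named -d "$jail" -s /bin/false -c Nameserver -M named
cd "$jail"
mkdir -p dev etc/namedb/slave var/run
chown -R named:named etc/namedb/slave

# Some required shindigles
chown named:named "$jail/var/run"
# Character devices 1,3 (null) and 1,8 (random); skip nodes that already
# exist so a re-run does not stop here.
[ -c "$jail/dev/null" ] || mknod "$jail/dev/null" c 1 3
[ -c "$jail/dev/random" ] || mknod "$jail/dev/random" c 1 8
chmod 666 "$jail/dev/null" "$jail/dev/random"
# etc/localtime is made immutable further down, so copy it only once.
[ -e "$jail/etc/localtime" ] || cp /etc/localtime "$jail/etc/"
### Come back to syslog

# Secure that shit down
chown root /var/chroot
chmod 700 /var/chroot
# NOTE(review): the jail root ends up owned by, and writable for, the named
# account, so a compromised daemon could alter the jail's top-level layout.
# A root-owned jail (root:named, mode 750) with only var/run and
# etc/namedb/slave writable is the tighter arrangement — confirm it against
# the log and pid paths in named.conf before switching.
chown named:named "$jail"
chmod 700 "$jail"
cd "$jail"
chattr +i etc/localtime var

# Install some bind action! (make sure no bind exists first)
# NOTE(review): 9.6.1 is the release this page pins and it is long past end
# of life; substitute a release ISC still supports before relying on this.
cd /usr/src
# Plain HTTP gives the download no integrity protection, so the checksum
# below (or a check of the publisher's detached signature) is the only thing
# standing between the network path and code that is built and installed as
# root.
wget -O "$tarball" "http://ftp.isc.org/isc/bind9/${bind_version}/${tarball}"
if [ -n "${BIND_SHA256:-}" ]; then
  printf '%s  %s\n' "$BIND_SHA256" "$tarball" | sha256sum -c -
else
  printf 'BIND_SHA256 not set: %s will be built unverified\n' "$tarball" >&2
fi
# Exact names instead of bind-*.tar.gz / bind*: a stale tarball or source
# tree left in /usr/src must not be picked up by a glob.
tar zxvf "$tarball"
cd "bind-${bind_version}"
./configure
# Separate commands so a failed build stops the script under set -e
# (a failure on the left side of && would not).
make
make install

# Some configs
vi /etc/init.d/named
chmod +x /etc/init.d/named
chkconfig --add named
vi "$jail/etc/named.conf"
vi "$jail/etc/namedb/root.hint"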