Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 05-08-2012, 11:40 PM   #1
LQ Newbie
Registered: Mar 2009
Posts: 5

Rep: Reputation: 0
Symbolic links and chroot BIND9

I have some software with a web gui back end to manage some DNS zones. Ive installed BIND manually and would like to keep it chrooted if possible.

zones are created in:
The web application auto writes the zone config in named.conf and creates the zone file in the folder above.

zone in named.conf
zone "" IN {
	type master;
	file "/var/named/chroot/zones/";
	allow-transfer { any; };
That is the correct location in the root file system, but not within the named chroot. To resolve this I created a symbolic link:

ls -l /var/named/chroot/var/named
lrwxrwxrwx. 1 root root   17 May  9 00:32 chroot -> /var/named/chroot
drwxrwxrwx. 2 root root 4096 May  8 21:51 data
drwxrwxrwx. 2 root root 4096 May  8 21:51 zones
Doing so resolves named's file not found failure but throws up a 'invalid file'
Which only occurs when going through a symbolic link.

Permissions appear appropriate on folders and files, manually adjusting named.conf avoiding the symbolic link - named starts right up.

Since creating hard links is not permitted, is there any way to resolve this (while still in chroot) without having to adjust the core of this software I use? Id rather adjust my system to work with these paths so further work isnt necessary with each updates to the software.

Last edited by synne; 05-08-2012 at 11:42 PM.
Old 05-09-2012, 07:34 AM   #2
LQ Guru
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
In chroot everything is seeing the chroot directory as "/". Your zone files and named.conf should NOT mention /var/named/chroot at all - they should all be relative to what is BENEATH that as if it were "/". That is to say if your zone files are in /var/named/chroot/var/named (as they are on RHEL/CENTOS when you use their BIND Chroot packages) then your named.conf should simply show "/var/named/<zonefile>" for the zone file path and NOT "/var/named/chroot/var/named/<zonefile>". Even though the latter is where you see the files when logged in as any other user it is the former where the chroot'ed user sees the files.

For this reason a symbolic link within the chroot doesn't go where you think.

That is to say when logged in as a non-chrooted user your symbolic link appears to be:
/var/named/chroot/var/named/chroot -> /var/named/chroot
So you think it is pointing back to the "real" /var/named/chroot". However since the chroot'ed user can't see the "real" root or anything above the "real" /var/named/chroot it thinks you're making a symbolic link back to itself so in "real" terms it can be thought of as:
/var/named/chroot/var/named/chroot ->/var/named/chroot/var/named/chroot
But to the chroot it is simply:
/var/named/chroot ->/var/named/chroot

What you need to do is adjust your web software if it is NOT running as the chroot'ed user so it knows the "real" paths rather than the chroot'ed paths so that when it decides to update files it is updating things under /var/named/chroot/etc (for named.conf) and /var/named/chroot/var/named (for zone files) rather than using defaults of just "/etc" and "/var/named". Alternatively you could try to work out how to make the web software run as the chrooted environment but that might require you to copy many more things into the chroot to get it running.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] BIND9 Chroot SMF sparc routers Solaris / OpenSolaris 8 08-12-2009 10:37 AM
Symbolic links Vs Hard links sulekha Linux - General 2 10-02-2008 07:03 AM
Debian Bind9 chroot problems eentonig Linux - Server 1 09-24-2008 10:39 AM
bind9 failed - bindnamed: chroot(): no such file or directory rly74 Linux - Software 1 05-29-2007 03:16 PM
Simple chroot Bind9 setup? canegames Linux - Software 1 06-30-2006 05:08 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:11 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration