[blfs-dev] BIND, Part 2

Andrew Benton b3nton at gmail.com
Fri Feb 17 17:31:23 PST 2012


On Fri, 17 Feb 2012 15:56:58 -0800
Qrux <qrux.qed at gmail.com> wrote:

> 
> On Feb 17, 2012, at 1:28 AM, Qrux wrote:
> 
> > The version of BIND included with BLFS doesn't work.  Googled:
> > 
> > 	named initializing DST: openssl failure
> > 
> > ...My gut says the chroot environment is somehow incomplete...
> 
> Fixed!
> 
> After /srv/named has been setup, do this for BIND-9.8 + chroot-jail:
> 
> ==
> sudo mkdir -p /srv/named/usr/lib
> sudo /bin/cp -avf /usr/lib/engines /srv/named/usr/lib
> sudo chown -vR named.named /srv/named
> 
> cd /srv/named
> sudo ln -sfv lib lib64
> cd /srv/named/usr
> sudo ln -sfv lib lib64
> ==
> 
> The gist is, add /usr/lib/engines to the chroot-jail (which contains the shared libs for the engines that BIND can't seem to find).  Then--and this is the important part--add the /lib64 and /usr/lib64 symlinks in the jail.  This allows BIND-9.8 to run in a jail like a charm (odd image).  I'm sure someone can pretty this up for the book, but I've been able to get a server up and running with this.

Although I use Bind, I've not worked on the Bind page before. I could
have a go at this tomorrow if no-one else wants to take it.

Andy



More information about the blfs-dev mailing list