jeom01 n00b
Joined: 12 Aug 2003 Posts: 45
|
Posted: Mon Sep 29, 2003 11:04 am Post subject: chroot bind permission problems |
|
|
I'm trying to run bind chrooted, which isn't very hard.
I started with the following instructions:
http://www.gentoo.org/doc/en/gentoo-security.xml
Code: |
# mkdir -p /chroot
# mkdir /chroot/dns
# mkdir /chroot/dns/dev
# mkdir /chroot/dns/etc
# mkdir /chroot/dns/var
# mkdir /chroot/dns/var/run
# mkdir /chroot/dns/var/run/named
# chown -R named:named /chroot/dns/var/run/named
# cp -R /etc/bind /chroot/dns/etc/.
# cp /etc/localtime /chroot/dns/etc/localtime
# cp -R /var/bind /chroot/dns/var/.
# mknod /chroot/dns/dev/zero c 1 5
# chmod 666 /chroot/dns/dev/zero
# mknod /chroot/dns/dev/random c 1 8
# chmod 666 /chroot/dns/dev/random
# cp -a /dev/log /chroot/dns/dev/log
# cd /chroot/dns
# chattr +i etc etc/localtime var
|
But then I realized that Gentoo has a script which probably does it better.
When I try to delete everything in /chroot/dns, I get permission denied, even though I have changed the permissions and ownership of all files in the tree.
What am I missing? (And yes, I am logged in as root.) |
|
gwenn n00b
Joined: 10 Jul 2002 Posts: 17 Location: Rennes
|
Posted: Mon Sep 29, 2003 12:48 pm Post subject: |
|
|
From the chattr man page:
"A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser can set or clear this attribute."
-- Gwenn |
|
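The behaviour in the man page quote, as an added example that is not part of either post: a POSIX shell helper that picks the entries carrying the `i` flag out of `lsattr` output so they can be cleared with `chattr -i` before the tree is deleted. The function names and the sample listing are constructed for illustration; the listing assumes the `chattr +i etc etc/localtime var` step from the first post.

```shell
#!/bin/sh
# Added example: find and clear the immutable attribute under a chroot tree.

# Constructed sample of `lsattr -d` + `lsattr -R` output for /chroot/dns.
SAMPLE_LSATTR='----i---------e------- /chroot/dns/etc
--------------e------- /chroot/dns/dev
----i---------e------- /chroot/dns/var

/chroot/dns/etc:
----i---------e------- /chroot/dns/etc/localtime
--------------e------- /chroot/dns/etc/bind

/chroot/dns/var:
--------------e------- /chroot/dns/var/bind
--------------e------- /chroot/dns/var/run'

# Read lsattr output on stdin, print the path of every immutable entry.
immutable_paths() {
    while read -r flags path; do
        # Blank lines and "dir:" headers have no second field.
        [ -n "$path" ] || continue
        # A real flag field holds only letters and dashes; this skips
        # headers of directories whose names contain spaces.
        case "$flags" in
            *[!A-Za-z-]*) continue ;;
        esac
        # Only the flag field is inspected, never the path.
        case "$flags" in
            *i*) printf '%s\n' "$path" ;;
        esac
    done
}

# Clear the flag on everything under $1 (must run as root, since only
# the superuser can set or clear the attribute).
clear_immutable() {
    root=$1
    { lsattr -d "$root"; lsattr -R "$root"; } 2>/dev/null |
        immutable_paths |
        while IFS= read -r p; do
            chattr -i "$p" && printf 'cleared: %s\n' "$p"
        done
}

# Demonstration on the constructed sample; nothing on disk is touched.
printf '%s\n' "$SAMPLE_LSATTR" | immutable_paths
```

Running `clear_immutable /chroot/dns` as root would then let `rm -rf /chroot/dns` succeed; ownership and mode bits play no part in this check, which is why `chown` and `chmod` alone did not help.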