Subject: Re: mknod in a chroot jail
To: None <>
From: Alan Post <>
List: tech-security
Date: 07/17/2005 14:28:23
In article <>, Edgar Fuß wrote:
> It was suggested not to run any root processes chroot-ed.
> What, then, is the preferred way of running named (or, more generally,
> providing name service) or ntpd?

ntpd can run chrooted as ntpd:ntpd

  ntpd    1776    ??          /usr/sbin/ntpd -u ntpd:ntpd -i /var/chroot/ntpd 

From rc.conf on a 1.6.X machine:

  ntpd=YES ntpd_chrootdir=/var/chroot/ntpd
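
Added example, not part of the original message: a small POSIX sh check that an ntpd command line (as printed by ps) carries both flags from the listing above, `-u` with a non-root user and `-i` with a chroot directory. The function name `check_ntpd_cmdline` and its return codes are assumptions made for this example, and the sample lines are constructed.

```shell
#!/bin/sh
# Audit an ntpd command line for privilege drop (-u user[:group]) and
# chroot (-i dir), written in the separated form used in the message.
# Returns: 0 = both present, 1 = still root, 2 = not chrooted.
# (Hypothetical helper for illustration; not NetBSD's own tooling.)
check_ntpd_cmdline() {
    user="" jail=""
    set -f              # disable globbing while word-splitting the line
    set -- $1
    set +f
    while [ $# -gt 0 ]; do
        case "$1" in
            -u) user="${2:-}" ;;
            -i) jail="${2:-}" ;;
        esac
        shift
    done

    name="${user%%:*}"  # strip the optional :group part
    if [ -z "$name" ] || [ "$name" = root ] || [ "$name" = 0 ]; then
        echo "FAIL: ntpd keeps root (no -u, or -u names root)"
        return 1
    fi
    if [ -z "$jail" ] || [ "$jail" = / ]; then
        echo "FAIL: no chroot directory (-i missing or set to /)"
        return 2
    fi
    echo "OK: user=$user chroot=$jail"
    return 0
}

# Constructed sample lines; the first mirrors the ps output quoted above.
check_ntpd_cmdline "/usr/sbin/ntpd -u ntpd:ntpd -i /var/chroot/ntpd"
check_ntpd_cmdline "/usr/sbin/ntpd -p /var/run/ntpd.pid" || true
```

The flags show what the daemon was asked to do; comparing against the process owner reported by ps confirms the drop actually happened.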