Subject: Re: mknod in a chroot jail
To: None <tech-security@netbsd.org>
From: Alan Post <apost@recalcitrant.org>
List: tech-security
Date: 07/17/2005 14:28:23
In article <20050717095042.GA15164@orion.intra.net>, Edgar Fuß wrote:
>
> It was suggested not to run any root processes chroot-ed.
> What, then, is the preferred way of running named (or, more generally,
> providing name service) or ntpd?

ntpd can run chrooted as ntpd:ntpd

  ntpd 1776 ?? /usr/sbin/ntpd -u ntpd:ntpd -i /var/chroot/ntpd

From rc.conf on a 1.6.X machine:

  ntpd=YES
  ntpd_chrootdir=/var/chroot/ntpd