netbsd-help: RE: chroot environment

Subject: RE: chroot environment
To: None <NetBSD-Current@Pino.com>
From: rgf <rgfisch@excite.com>
List: netbsd-help
Date: 02/26/2004 17:11:09

 --- On Thu 02/26, Conrad T. Pino < NetBSD-Current@Pino.com > wrote:

Manual configuration required.  Must setup chroot jail first and modify /etc/rc.conf second.
Comments from /etc/defaults/rc.conf:
# To run the named(8) DNS server as an unprivileged user under a
# chroot(2) cage, uncomment the following after migrating the contents
# of /etc/namedb to /var/chroot/named/etc/namedb
#
#named_chrootdir="/var/chroot/named"
# To run the ntpd(8) NTP server as an unprivileged user under a
# chroot(2) cage, uncomment the following, after ensuring that:
#       - The kernel has "pseudo-device clockctl" compiled in
#       - /dev/clockctl is present
#
#ntpd_chrootdir="/var/chroot/ntpd"

Thanks Conrad,
I stumbled on the above comments in /etc/defaults/rc.conf.
(Wouldn't have expected them there) for ntpd and named.  I've got those
up and running.  I see the /var/chroot/sshd directory has already been
created, but I guess I'll have to do some more documentation digging
to see how to get it changed over.

Regards,
  - Rog

_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!