jessie_bind_chroot

Differences

This shows you the differences between two versions of the page.

jessie_bind_chroot [2015/12/18 20:47] adminjessie_bind_chroot [2016/01/25 08:33] (current) – [Long story short:] admin
Line 30: Line 30:
  
 <code> <code>
-mkdir -p /var/bind9/chroot/{etc,dev,var/cache/bind,var/run/named}+mkdir -p /var/bind9/chroot/{etc,dev,var/cache/bind,var/run/named,var/log}
 </code> </code>
  
Line 38: Line 38:
 mknod /var/bind9/chroot/dev/random c 1 8 mknod /var/bind9/chroot/dev/random c 1 8
 chmod 660 /var/bind9/chroot/dev/{null,random} chmod 660 /var/bind9/chroot/dev/{null,random}
 +chown bind /var/bind9/chroot/dev/random
 </code> </code>
 Move the current config directory into the new chroot directory: Move the current config directory into the new chroot directory:
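Review bot: the added `chown bind` covers only dev/random, so dev/null stays as mknod created it (root-owned) with mode 660 from the chmod line above, and the bind user cannot open it unless a step outside this hunk changes its group. Either apply the ownership change to both nodes, `chown bind /var/bind9/chroot/dev/{null,random}`, or keep both nodes root-owned and use modes that grant only what named needs (for example 666 on null and 444 on random), which also avoids making the daemon the owner of a device node inside its own chroot.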
Line 57: Line 58:
 chgrp bind /var/bind9/chroot/var/{cache/bind,run/named} chgrp bind /var/bind9/chroot/var/{cache/bind,run/named}
 </code> </code>
-Edit the PIDFILE variable in vi  to the correct path:+Edit the PIDFILE variable to the correct path:
 <code> <code>
 PIDFILE=/var/bind9/chroot/var/run/named/named.pid PIDFILE=/var/bind9/chroot/var/run/named/named.pid
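Review bot: the reworded sentence drops the stray "in vi" but still does not name the file that holds PIDFILE. The summary section opens /etc/init.d/bind9 with vi at this step, so if that is the file meant, write "Edit the PIDFILE variable in /etc/init.d/bind9 to the correct path".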
Line 69: Line 70:
 /etc/init.d/rsyslog restart; /etc/init.d/bind9 start /etc/init.d/rsyslog restart; /etc/init.d/bind9 start
 </code> </code>
-A good idea too + 
-<code> +====Logging==== 
-chown bind /var/bind9/chroot/dev/random+ 
 +/etc/logrotate.d/named
 <code> <code>
 +/var/bind9/chroot/var/log/bind.log {
 +        daily
 +        compress
 +        delaycompress
 +        rotate 5
 +        missingok
 +        postrotate
 +                [ -e /etc/init.d/bind9 ] && /etc/init.d/bind9 reload > /dev/null 2>&1 || true
 +        endscript
 +}
 +
 +/var/bind9/chroot/var/log/security_info.log {
 +        daily
 +        compress
 +        delaycompress
 +        rotate 5
 +        missingok
 +        postrotate
 +                [ -e /etc/init.d/bind9 ] && /etc/init.d/bind9 reload > /dev/null 2>&1 || true
 +        endscript
 +}
 +
 +/var/bind9/chroot/var/log/update_debug.log {
 +        daily
 +        compress
 +        delaycompress
 +        rotate 5
 +        missingok
 +        postrotate
 +                [ -e /etc/init.d/bind9 ] && /etc/init.d/bind9 reload > /dev/null 2>&1 || true
 +        endscript
 +}
 +
 +</code>
  
 ====Long story short:==== ====Long story short:====
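Review bot: the new Logging section gives only the logrotate file and never creates the files it rotates; the `touch`, `ln -s` and `chgrp bind` commands for bind.log, security_info.log and update_debug.log appear only in the "Long story short" script, so a reader following the step-by-step part skips them. Add those commands to this section. The three stanzas are also identical, so they could be a single stanza listing all three paths with `sharedscripts`, which makes the bind9 reload in postrotate run once per rotation instead of three times.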
Line 83: Line 119:
  
 systemctl daemon-reload systemctl daemon-reload
-mkdir -p /var/bind9/chroot/{etc,dev,var/cache/bind,var/run/named}+mkdir -p /var/bind9/chroot/{etc,dev,var/cache/bind,var/run/named,var/log}
 mknod /var/bind9/chroot/dev/null c 1 3 mknod /var/bind9/chroot/dev/null c 1 3
 mknod /var/bind9/chroot/dev/random c 1 8 mknod /var/bind9/chroot/dev/random c 1 8
 chmod 660 /var/bind9/chroot/dev/{null,random} chmod 660 /var/bind9/chroot/dev/{null,random}
 +chown bind /var/bind9/chroot/dev/random
 mv /etc/bind /var/bind9/chroot/etc mv /etc/bind /var/bind9/chroot/etc
 ln -s /var/bind9/chroot/etc/bind /etc/bind  ln -s /var/bind9/chroot/etc/bind /etc/bind 
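Review bot: the added `chown bind /var/bind9/chroot/dev/random` duplicates a command the script already runs further down (it shows as unchanged context in the next hunk, directly after the chgrp line). Keep only one of the two, preferably this one, since it sits next to the mknod and chmod lines it belongs with.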
Line 95: Line 132:
 chgrp bind /var/bind9/chroot/var/{cache/bind,run/named} chgrp bind /var/bind9/chroot/var/{cache/bind,run/named}
 chown bind /var/bind9/chroot/dev/random chown bind /var/bind9/chroot/dev/random
 +touch /var/bind9/chroot/var/log/{bind.log,update_debug.log,security_info.log}
 +ln -s /var/bind9/chroot/var/log/ /var/log/bind
 +chgrp bind /var/bind9/chroot/var/log/*.log
 vi /etc/init.d/bind9 vi /etc/init.d/bind9
  
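Review bot: the `chgrp bind` on the new log files changes their group but not their mode; files created by `touch` as root under the usual 022 umask are 0644, so the bind group still cannot write to them. Add `chmod g+w /var/bind9/chroot/var/log/*.log` after the touch, or chown the files to bind. The var/log directory itself also stays root-owned, which matters if named ever has to create a log file there itself.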
Line 103: Line 143:
 </code> </code>
  
- +  * Add the logrotate script from above
jessie_bind_chroot.1450471629.txt.gz · Last modified: 2015/12/19 14:59 (external edit)