The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

BIND chroot compatibility

Discussion in 'Bind / DNS / Nameserver Issues' started by dkg, Jun 14, 2011.

  1. dkg

    dkg Member

    Joined:
    Aug 2, 2004
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    I just setup a new server running CentOS 5.6. I find that BIND was configured to run chroot by default and it gets the zone files from /var/named/chroot/var/named. So wondering why I needed a copy of the zone files in /var/named, I removed the zone files from /var/named. That didn't bother BIND but cPanel no longer sees the zones if you use the GUI to edit a DNS zone. Why is it that cPanel needs the files in /var/named and actually appears to dup the file to the chroot directory when you edit a zone with the GUI. (There are no symlinks involved).

    It would be preferable to have one copy of the zone files used and managed by both BIND and cPanel. It can be quite confusing when you think you have modified the zone file (from the shell for global changes needed) but BIND doesn't see the changes since it is looking elsewhere.

    If your answer is to disable chroot (as I have seen in older threads), then I think that is a poor answer for security reasons. Is there a way to tell cPanel to look in /var/named/chroot/var/named when using the GUI Edit DNS Zone function?
     
  2. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    cPanel does not use bind-chroot, and in fact the installer adds bind-chroot to the exclude= line in /etc/named.conf. cPanel is not designed to use bind-chroot and you will need to remove bind-chroot in order for cPanel to be able to manage the named configuration.
     
Loading...

Share This Page