Get Rid of `chroot` named (DNSonly)

[Dmitry M.]

Hi,

Is there any way to get rid of new named chroot system?
I mean I want to make all scripts (/etc/init.d/named, check-conf etc.) start named without key '-t /var/named/chroot'

I run my own DNS cluster based on cpanel DNS only servers, my new DNS server (chroot setup) uses almost 2 times more RAM comparing to another 2 my DNS servers that uses older DNSonly setup (without chroot securing).

New server is bind 9.3.6, old servers bind 9.3.2

I do not use cpanel DNS synchronization because it doesn't work with 200k+ DNS zones, that is why chroot breaks my scripts also, but it isn't the real problem. The main problem is the memory.

Please advise.

 

[xerophyte]

rpm -qa | grep -i bind

if you see chroot bind in there, just remove it

hope that helps

 

[Dmitry M.]

Its standard DNSonly setup, no manual updates

# rpm -qa | grep -i bind
bind-devel-9.3.6-4.P1.el5
bind-libs-9.3.6-4.P1.el5
ypbind-1.19-12.el5
bind-utils-9.3.6-4.P1.el5
bind-devel-9.3.6-4.P1.el5
bind-9.3.6-4.P1.el5
bind-libs-9.3.6-4.P1.el5

 

[xerophyte]

hmmm try commenting out

cat /etc/sysconfig/named

ROOTDIR=/var/named/chroot

and /etc/init.d/named restart

 

[Dmitry M.]

nice call!!!!

ty a lot, it works like a charm.