named with in a vserver ....

About this list Date view Thread view Subject view Author view Attachment view

From: Guillaume Bourque (bougui_at_logisoftech.com)
Date: Wed Jan 09 2002 - 22:37:40 EST


Hi again !,

have anyone been able to make bind 9.2 running with in a vserser ?

[root_at_ns1 www]# /etc/init.d/named start
Starting named: named: capset failed: Operation not permitted
                                                           [ERREUR]

[root_at_ns1 www]# rpm -qa | grep bind
bind-utils-9.2.0-0.rc3.1mdk
bind-9.2.0-0.rc3.1mdk

I also found some information: this here
http://www.ultraviolet.org/mail-archives/lids.2001/1245.html

> Starting named: named: capset failed: Operation not permitted

    If I recall correctly, BIND tries to use kernel capabilities in its
own
code, which is not compatible with having LIDS police capabilities. I
think
people have had success in the past commenting out the cap calls in
BIND.

    Or, if you're worried about security, you could run djbdns instead
of
BIND.

TIA !

--
--------------------- La qualité avant tout ! ----------------------
Guillaume Bourque                           Conseiller technologique
                     LogiSoft Technologies inc.
Tél. (514) 576-7638                              Fax: (450) 649-6134
-------------------- http://www.logisoftech.com --------------------

About this list Date view Thread view Subject view Author view Attachment view

This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:00 EDT