Loading...

blfs-dev@linuxfromscratch.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

[blfs-dev] BIND, Part 2 Qrux Fri Feb 17 02:00:32 2012

The version of BIND included with BLFS doesn't work.  Googled:

        named initializing DST: openssl failure

Results in these apparently relevant links:

        * https://trac.macports.org/ticket/28619
        * https://bugs.gentoo.org/show_bug.cgi?id=356519
        * 
http://snarfu.com/freebsd/freebsd-bind-chroot-openssl-initializing-dst-openssl-failure-fix/

Apparently this error occurs across 3 separate OSes (Mac OS, Gentoo, FreeBSD).  
AFAICT, named just don't play well with a chroot jail.  I've tried this:

====
sudo sed -i s'/ievaluate_retval/evaluate_retval/g' /etc/rc.d/init.d/bind

ldd /usr/sbin/named | awk -F \> '{print $2}' | grep /lib | cut -d ' ' -f 2 | 
sudo cpio -pdmv /srv/named 2> /dev/null
sudo /bin/cp -avf /usr/lib/engines /srv/named/usr/lib
sudo /bin/cp -avf /etc/ssl /srv/named/etc

set +e
sudo mknod -m 0666 /srv/named/dev/zero c 1 5
set -e

sudo chown -vR named.named /srv/named
====

Which didn't seem to help.  My gut says the chroot environment is somehow 
incomplete...

Personally, I don't need to run it in the chroot environment, but if anyone has 
gotten it working I'd love to hear how you did it.  In lieu of working advice, 
however, I would suggest pulling the chroot instructions out of BLFS.  Running 
it without -u, -t works just fine, as long as the config files are in /etc, and 
not in the jail.

        Q


-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page