On Sun, 2005-01-23 at 11:22 +0000, Tony Dietrich wrote: > On Saturday 22 Jan 2005 14:35, Bill Cronk wrote: > > Craig Wrote: > > >This is just my opinion and may not be similar to anyone else's. > > > > > >Red Hat's gui tool for admin BIND (I think it is system-config-named) is > > >useless or worse than useless > > > > > >I don't use it. The only times I have tried to use it I abandoned > > >everything that it did. > > > > > >I use webmin <http://www.webmin.com> where I need to set up dns. It's > > >awesome. > > > > I have been using Webmin since one of the first releases. I agree it is > > awesome and has improved immensely over the past couple of years. > > > > That is my preference for managing all my machines at work and here at home > > too. However, I noticed with SuSE first and now Fedora is that to eliminate > > difficulties in the initial setup of various services, one sometimes needs > > to allow the stock distribution tools to do the setup. Then come in after > > the fact and either tweak or manage the configurations with Webmin. > > > > In fact this very thing is what my current problem has been. Webmin never > > seems to find the chroot files for DNS unless they are linked out to > > /var/named as Fedora packages them. Also Webmin only creates the files in > > the standard location of /var/named. I move the file to the chroot location > > where Fedora has thier stock original files and then link it out to the > > /var/named as Fedora did and all works as expected. > > > > I have not spent allot of time digging through Webmin due to the work load > > ;), but do you know if they have an easy way to configure where the Webmin > > modules go out and look for files for the services it can manage? > > > > Bill > Bill, is there a particular reason you are running bind chrooted? > > What users is your bind servicing? Do you really *need* it chrooted? > I tend to only chroot bind if I'm setting up a server that is going to be used > by the unwashed massed, where I'm not in direct control of the server > > ... a server servicing a LAN or WLAN can normally be left un-chrooted, since > I'm in control of the network security anyway. If I balls up with the > security settings on the rest of the netweork, its my fault :p > > I then fire the guy that broke my security, and then fix the loophole :p By default, FC3 runs bind in a chroot jail. > -- > Tony Dietrich > ------------- > Endless Loop, n.: > see Loop, Endless. > Loop, Endless, n.: > see Endless Loop. > -- Random Shack Data Processing Dictionary >
