Tom Robinson writes: > The bind-chroot on CentOS 7 also comes with a script > (/usr/libexec/setup-named-chroot.sh) that sets > up the much maligned systemd and, through bind mounts, creates and extra > level of chroot hierarchy > giving: > > /var/named/chroot/var/named/chroot/var/named > which seems totally unnecessary.
Obligatory knee-jerk response: Have you considered nsd3 + unbound instead? > I'm migrating a CentOS 6 bind instance (chrooted) to a CentOS 7 box > and am curious of people's opinions on chrooting vs selinux as a way > of securing bind. chroot isn't a security mechanism. _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
