Maintained by: NLnet Labs

[Unbound-users] Suggested config settings for chrooting unbound

Ilya Bakulin
Thu Nov 22 13:22:16 CET 2012


On Thu, Nov 22, 2012 at 11:27:02AM +0000, Kevin Chadwick wrote:
> > > So I'd like to ask what is considered "best practice" for chrooting unbound?
> 
> You could take a gander at OpenBSDs setup as they chroot unbound by
> default and as they have or are adding unbound to base it will have
> received a fair amount of peer review.

I have already looked at OpenBSD port. Unfortunately if suffers from the same
problem -- they keep unbound config file under /var/unbound, which is also
chroot for it.

> 
> -- 
> _______________________________________________________________________
> 
> 'Write programs that do one thing and do it well. Write programs to work
> together. Write programs to handle text streams, because that is a
> universal interface'
> 
> (Doug McIlroy)
> _______________________________________________________________________
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
>