Run named within FreeBSD Jail

By | 10/31/2008

I spent some time this afternoon trying to set up named (BIND 9.5) within a FreeBSD jail for internal use. I ran into an issue where it was unable to mount devfs and failed on me. After a little bit of digging I found a solution.

This is the error that was reported (see link):

/etc/rc.d/named: WARNING: devfs_domount(): Unable to mount devfs on /var/named/dev
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted

In a nutshell, add the following line to the jail's /etc/rc.conf and you should be OK.

named_chrootdir=""

Yes, this means that you're not running named within a chroot like it would by default, but remember it's in a jail anyway: a really fancy, hardened chroot.
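One way to apply this setting idempotently from a provisioning script, as an added example that is not part of the original post. The function names and the RC_CONF variable are hypothetical; security.jail.jailed is the FreeBSD sysctl that reads 1 inside a jail.

```sh
#!/bin/sh
# Added example: apply named_chrootdir="" to a jail's rc.conf exactly once.
# Function names and RC_CONF are illustrative, not from the post.

# Return 0 only when running inside a FreeBSD jail.
in_jail() {
    [ "$(sysctl -n security.jail.jailed 2>/dev/null)" = "1" ]
}

# Print the effective named_chrootdir from an rc.conf-style file.
# rc.conf is sourced as shell, so the last assignment wins; do the same in a
# subshell. Prints "unset" when the file never assigns it (the rc default,
# /var/named in the error above, then applies).
named_chrootdir_value() {
    (
        unset named_chrootdir
        . "$1" >/dev/null 2>&1
        printf '%s\n' "${named_chrootdir-unset}"
    )
}

# Set named_chrootdir="" in the given file, leaving every other line alone.
disable_named_chroot() {
    conf=$1
    if [ "$(named_chrootdir_value "$conf")" = "" ]; then
        return 0                      # already disabled, nothing to do
    fi
    tmp=$(mktemp "${conf}.XXXXXX") || return 1
    # Drop earlier assignments so only one remains, then append the fix.
    grep -v '^[[:space:]]*named_chrootdir=' "$conf" > "$tmp" || true
    printf 'named_chrootdir=""\n' >> "$tmp"
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Only touch the configuration when actually jailed; on a normal host the
# default chroot is still worth keeping.
if in_jail; then
    disable_named_chroot "${RC_CONF:-/etc/rc.conf}"
fi
```

Restart named afterwards so the rc script picks up the new value.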

One thought on “Run named within FreeBSD Jail”

  1. Christopher J. Umina

    Thanks for the pingback!

    Happy to help more if you need it. I actually thought about writing a patch for this, but never really got around to it.
