Gentoo BIND installation (chroot version)
1.1. Introduction
This document describes running BIND in a chroot. If you do not want to run it in a chroot, simply skip the ebuild /var... config step below, and assume /var/bind as the base directory.
1.2.2.1. chroot build
To run named in a chroot, run the following:
    # ebuild /var/db/pkg/net-dns/<bind version>/<bind-version> config
The installed version here is bind-9.2.2-r3, so enter the following:
    # ebuild /var/db/pkg/net-dns/bind-9.2.2-r3/bind-9.2.2-r3.ebuild config
     *
     * Setting up the chroot directory... Done.
     *
     * Add the following to your root .bashrc or .bash_profile:
     *   alias rndc='rndc -k /chroot/dns/etc/bind/rndc.key'
     * Then do the following:
     *   source /root/.bashrc or .bash_profile
     *
After this step, the CHROOT entry in /etc/conf.d/named has also been changed.
The reason for switching to a chroot is that named can be broken into when a security bug is found in it, and the chroot is there to contain that case. If you do not use a chroot, use /var/bind instead.
1.2.2.2. Checking the chroot option
    # cat /etc/conf.d/named
    # Set various named options here.
    #
    OPTIONS=""

    # Set this to the number of processors you have.
    #
    CPU="1"

    # If you wish to run bind in a chroot, run:
    # ebuild /var/db/pkg/net-dns/<bind version>/<bind-version> config
    # and un-comment the following line.
    # You can specify a different chroot directory but MAKE SURE it's empty.
    CHROOT="/chroot/dns"
1.2.2.3. chroot directory
The directories under the chroot are laid out as follows.
    # cd /chroot
    # tree
    .
    `-- dns
        |-- dev
        |   |-- random
        |   `-- zero
        |-- etc
        |   |-- bind
        |   |   |-- named.conf
        |   |   |-- pri -> ../../var/bind/pri
        |   |   |-- rndc.key
        |   |   `-- sec -> ../../var/bind/sec
        |   `-- localtime
        `-- var
            |-- bind
            |   |-- named.ca
            |   |-- pri
            |   |   |-- 127.zone
            |   |   `-- localhost.zone
            |   |-- root.cache -> ../../var/bind/named.ca
            |   `-- sec
            `-- run
                `-- named

    12 directories, 9 files
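The chroot only contains a compromised named if the tree stays self-contained, so the layout is worth auditing from the host. The following is an added example, not part of the original page: it flags symlinks that resolve outside the jail, world-writable entries and setuid/setgid files. The function name audit_chroot and its finding labels are made up for this example, and it assumes GNU `readlink -f`.

```shell
# Added example (not from the original page): host-side audit of a chroot jail.
# audit_chroot and the finding labels are hypothetical names for this sketch.
# Assumes GNU coreutils `readlink -f`.
audit_chroot() {
    # Canonical jail path, so the prefix comparisons below are reliable.
    jail=$(cd "$1" 2>/dev/null && pwd -P) || { echo "no such jail: $1"; return 2; }
    findings=$(
        # 1. Every symlink must resolve to a path inside the jail. A link that
        #    leaves it resolves differently (or not at all) once named is
        #    chrooted, and host-side tools that follow it touch host files.
        find "$jail" -type l | while IFS= read -r link; do
            target=$(readlink -f "$link" 2>/dev/null) || target=
            case "$target" in
                "$jail"|"$jail"/*) ;;
                *) printf 'symlink-unresolved-or-outside: %s -> %s\n' \
                       "$link" "$(readlink "$link")" ;;
            esac
        done
        # 2. Nothing in the jail should be writable by everyone.
        find "$jail" ! -type l -perm -0002 -exec printf 'world-writable: %s\n' {} \;
        # 3. No setuid/setgid files: a compromised named should find no
        #    privileged helper inside its jail.
        find "$jail" -type f \( -perm -4000 -o -perm -2000 \) \
            -exec printf 'setid: %s\n' {} \;
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it on the host as `audit_chroot /chroot/dns`; exit status 0 means no findings, 1 means findings were printed, 2 means the directory does not exist.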
1.4.2. Creating the zone file
Create the file /chroot/dns/etc/bind/pri/kkanari.info.zone as follows.
    $TTL 3600
    @       IN      SOA     ns.kkanari.info. root.kkanari.info. (
                            2005012701      ; serial
                            28800           ; refresh
                            7200            ; retry
                            604800          ; expire
                            86400           ; minimum
                            )
    ;
    ;
            IN      NS      ns.kkanari.info.
            IN      A       210.111.16.144
            IN      MX      10 mail
    ;
    ;
    ns      IN      A       210.111.16.144
    ns2     IN      A       210.111.16.144
    mail    IN      A       210.111.16.144
    ftp     IN      A       210.111.16.144
    www     IN      A       210.111.16.144
    home    IN      A       210.111.16.144
    *       IN      A       210.111.16.144
1.4.4. Checking the log
Check the /var/log/everything/current log (the logger here is metalog, not syslogd ;;):
    Jan 27 15:06:21 [kernel] process `rndc' is using obsolete setsockopt SO_BSDCOMPAT
    Jan 27 15:06:21 [named] loading configuration from '/etc/bind/named.conf'
    Jan 27 15:06:21 [named] no IPv6 interfaces found
    Jan 27 15:06:21 [named] zone kkanari.info/IN: loaded serial 2005012701
As shown above, the zone was loaded normally.
1.4.5. Test !!!
Let's test it.
    > server kkanari.info
    Default Server: kkanari.info
    Address: 210.111.16.144

    > kkanari.info
    Server: kkanari.info
    Address: 210.111.16.144

    Name: kkanari.info
    Address: 210.111.16.144

    > www.kkanari.info
    Server: kkanari.info
    Address: 210.111.16.144

    Name: www.kkanari.info
    Address: 210.111.16.144

    > mail.kkanari.info
    Server: kkanari.info
    Address: 210.111.16.144

    Name: mail.kkanari.info
    Address: 210.111.16.144
It works very well.