Bind9 chroot on Debian 8

Shahriar EV, published in Binvoke, Apr 3, 2017

From Wikipedia:

BIND, or named, is the most widely used Domain Name System (DNS) software on the Internet. On Unix-like operating systems it is the de facto standard.

As you know, chrooting a process is very beneficial for security, because a compromise cannot affect the whole system. But be aware that escaping from a chroot is not impossible, and therefore chroot should not be your only security measure on a production DNS resolver.

Chrooting BIND is simple; however, there are no good current HOWTOs, and the good ones are all outdated.

So I made this Asciinema for “chrooting bind 9 in debian 8” (systemd)

[click on it]
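To confirm the result after chrooting, here is a check added as an example (it is not part of the original post or the screencast). It reads Linux `/proc` to verify that a running `named` has a root other than `/`, that the root matches its `-t` argument, that it does not run as root (a root process can leave a chroot), and that the jail holds no setuid/setgid files or unexpected device nodes. The function names and the `/var/bind9/chroot` path used in the comments are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Run as root: sh audit-named.sh <pid-of-named>
# The jail path /var/bind9/chroot mentioned below is an assumed, illustrative location.

# Print the directory passed to named's -t option; fail if there is none.
jail_from_args() {
    while [ $# -gt 0 ]; do
        if [ "$1" = "-t" ] && [ $# -ge 2 ]; then printf '%s\n' "$2"; return 0; fi
        shift
    done
    return 1
}

# Print the effective UID (second number on the Uid: line) of a /proc status file.
euid_from_status() {
    awk '$1 == "Uid:" { print $3; exit }' "$1"
}

# List jail contents that help a jailed process: setuid/setgid files and
# device nodes other than null, random and urandom.
risky_jail_files() {
    find "$1" \( -type f \( -perm -4000 -o -perm -2000 \) -o \
        \( -type b -o -type c \) ! -name null ! -name random ! -name urandom \) -print
}

# $1 = target of /proc/<pid>/root, $2 = -t directory or "", $3 = effective UID
verdict() {
    rc=0
    [ "$1" != "/" ] || { echo "FAIL: process root is /, named is not chrooted"; rc=1; }
    [ -z "$2" ] || [ "${1%/}" = "${2%/}" ] || { echo "FAIL: -t '$2' but root is '$1'"; rc=1; }
    [ "$3" != "0" ] || { echo "FAIL: named runs as root, which can leave a chroot"; rc=1; }
    return $rc
}

# $1 = pid of named; reading another user's /proc/<pid>/root needs root.
audit_named() {
    root=$(readlink "/proc/$1/root") || { echo "cannot read /proc/$1/root"; return 2; }
    # cmdline is NUL-separated; splitting on spaces is enough for named's options.
    jail=$(jail_from_args $(tr '\0' ' ' < "/proc/$1/cmdline")) || jail=""
    verdict "$root" "$jail" "$(euid_from_status "/proc/$1/status")" || return 1
    bad=$(risky_jail_files "$root")
    [ -z "$bad" ] || { echo "FAIL: risky files in jail:"; echo "$bad"; return 1; }
    echo "OK: named (pid $1) is chrooted to $root as a non-root user"
}

if [ $# -eq 1 ]; then audit_named "$1"; fi
```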

Let me know of any inaccuracies or suggestions as usual :)

Shahriar
