The Accursed chroot

On Red Hat family distributions, named generally runs in a chroot.

As a result, today I ran into a problem caused by the chroot.

chroot directory: /var/named/chroot

CNC (China Netcom) IP address ACL file: /var/named/cnc.conf, which lists the CNC IP address ranges

The main configuration file includes this ACL file and uses the ACL as the basis for its views:
view "cnc" IN {
    match-clients { CNC; };
    zone "……" {……};
};

view "chinanet" IN {
    match-clients { 192.168.0.130; 192.168.0.129; any; };
    zone "……" {……};
};
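Because this file was missing from the chroot directory, the company's network egress, which should not have matched the CNC IP ranges, was assigned to the CNC side. From inside the company, our own website could only be reached through the slower mirror IP.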

ln /var/named/cnc.conf /var/named/chroot/var/named/

and everything was OK.
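To catch this class of problem before named starts, the check below lists every include file that the configuration names but that is absent under the chroot root. It is an added example, not part of the original post: the function name check_chroot_includes is hypothetical, the demo chroot and its config are constructed, relative includes are assumed to resolve against the "directory" option (default /var/named here), and /* */ comments are not handled.

```shell
#!/bin/sh
# Added example (not from the original post): report include files that a
# chrooted named will not find. All paths are given as named sees them.
# check_chroot_includes CHROOT CONF [WORKDIR]
#   CHROOT  - chroot root, e.g. /var/named/chroot
#   CONF    - config path inside the chroot, e.g. /etc/named.conf
#   WORKDIR - base for relative includes (assumed to match "directory")
check_chroot_includes() {
    root=$1 conf=$2 workdir=${3:-/var/named}
    [ -r "$root$conf" ] || { echo "unreadable $conf"; return 2; }
    # Drop // and # comments, then extract the quoted path of every include.
    sed -e 's|//.*$||' -e 's|#.*$||' "$root$conf" |
    grep -o 'include[[:space:]]*"[^"]*"' |
    sed -e 's/^include[[:space:]]*"//' -e 's/"$//' |
    while IFS= read -r inc; do
        case $inc in
            /*) p=$inc ;;
            *)  p=$workdir/$inc ;;
        esac
        if [ -L "$root$p" ]; then
            # A symlink target is resolved against the chroot root at run
            # time, so a link pointing outside the chroot needs a manual look.
            echo "symlink $p"
        elif [ ! -f "$root$p" ]; then
            echo "missing $p"
        fi
    done
}

# Constructed demo: a throwaway chroot whose config includes an ACL file
# that was only ever created outside it.
demo_root=$(mktemp -d)
trap 'rm -rf "$demo_root"' EXIT
mkdir -p "$demo_root/etc" "$demo_root/var/named"
cat > "$demo_root/etc/named.conf" <<'EOF'
include "/var/named/cnc.conf";   // CNC address ranges (acl CNC)
include "/etc/named.rfc1912.zones";
# include "/etc/disabled.conf";
EOF
: > "$demo_root/etc/named.rfc1912.zones"
check_chroot_includes "$demo_root" /etc/named.conf
```

On a real server, running named-checkconf with -t /var/named/chroot (as root) parses the configuration from inside the chroot, so include directives are resolved the same way the chrooted named resolves them.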
