You should be able to find the BIND source by visiting
http://www.isc.org/bind.html. You need the
bind-src.tar.gz
package. Be sure to get the latest version!
Things can get a bit confusing at this point, because different parts of the BIND package will be referring to the same directories by different names (depending on whether or not they're running inside the jail). I'll try not to confuse you too much :-).
The main directory that we have to worry about here is
/var/run
, because its contents are required for both the
main named
daemon (inside the jail), and the ndc
utility
(on the outside). We'll start by setting everything up to find
this directory from the outside world. To do this, we need to modify
src/port/linux/Makefile.set
(substitute your port's
directory if you're not running Linux), and change the line
DESTRUN=/var/run
to
DESTRUN=/chroot/named/var/run
While you're in there, you may want to change the other destination paths
from /usr
to /usr/local
.
Now everything should be able to find that directory... except the
named
daemon itself, to which it's still just /var/run
inside the jail. We can get around this by making a small change
in the named
source. In the file
src/bin/named/named.h
, find the line
#include "pathnames.h"
and add the following line immediately after it
#define _PATH_NDCSOCK "/var/run/ndc"
This way, named
will ignore our definition of DESTRUN
over in
Makefile.set
and use the correct location (from its perspective in the
chroot jail). You will notice some warnings about redefinitions of
_PATH_NDCSOCK when you do the build; just ignore them.
You should now be able to compile BIND as normal, following the
instructions in the INSTALL
file. At this stage, we only want
to compile BIND, not install it. Don't go too far when following
the INSTALL
file. Essentially, it's just make clean
,
make depend
, and make
.