Page 110 - DCAP602_NETWORK_OPERATING_SYSTEMS_I

Network Operating Systems-I




Table 6.1: Keywords in /etc/resolv.conf

Keyword       Value
nameserver    IP address of your DNS nameserver. There should be only one entry per
              "nameserver" keyword. If there is more than one nameserver, you'll need to
              have multiple "nameserver" lines.
domain        The local domain name to be used by default. If the server is
              bigboy.my-web-site.org, then the entry would just be my-web-site.org.
search        If you refer to another server just by its name without the domain added on,
              DNS on your client will append each domain in this list to the server name
              and do a DNS lookup on each to get the remote server's IP address. This is a
              handy time-saving feature to have so that you can refer to servers in the same
              domain by only their server name without having to specify the domain. The
              domains in this list must be separated by spaces.

Consider a sample configuration in which the client server's main domain is my-site.com, but it
is also a member of domains my-site.net and my-site.org, which should be searched for shorthand
references to other servers. Two name servers, 192.168.1.100 and 192.168.1.102, provide DNS
name resolution:

search my-site.com my-site.net my-site.org
nameserver 192.168.1.100
nameserver 192.168.1.102

The first domain listed after the search directive must be the home domain of your network,
in our case ignou.ac.in. Placing both a domain and a search entry in /etc/resolv.conf is
therefore redundant.
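
The keyword rules in Table 6.1 and the domain/search redundancy noted above can be checked mechanically. The following Python is an added example, not part of the original text: the function names are hypothetical, SAMPLE is constructed from the sample configuration above, and treating any name that contains a dot as fully qualified is a simplifying assumption.

```python
# Added example (not from the original text): parse resolv.conf content and
# list the fully qualified names a short host name is tried as.
# SAMPLE is constructed from the page's sample configuration.
SAMPLE = """\
search my-site.com my-site.net my-site.org
nameserver 192.168.1.100
nameserver 192.168.1.102
"""


def parse_resolv_conf(text):
    """Return (nameservers, search_list, warnings) for resolv.conf text."""
    nameservers, search, warnings = [], [], []
    scope_keyword = None  # last of "domain"/"search" seen so far
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        keyword, *values = line.split()
        if keyword == "nameserver":
            if len(values) != 1:
                warnings.append(f"line {lineno}: one address per nameserver line")
            nameservers.extend(values[:1])
        elif keyword in ("domain", "search"):
            if scope_keyword is not None:
                warnings.append(
                    f"line {lineno}: '{keyword}' overrides earlier '{scope_keyword}'")
            scope_keyword = keyword
            # domain takes a single name; search takes a space-separated list
            search = values[:1] if keyword == "domain" else values
    return nameservers, search, warnings


def candidates(name, search):
    """Names looked up for `name`, in order.

    Simplification (assumption of this example): a name that already contains
    a dot is treated as fully qualified and returned unchanged.
    """
    if "." in name:
        return [name.rstrip(".")]
    return [f"{name}.{domain}" for domain in search]


if __name__ == "__main__":
    servers, search, warnings = parse_resolv_conf(SAMPLE)
    print("nameservers:", servers)
    print("bigboy ->", candidates("bigboy", search))
    print("warnings:", warnings)
```

The order of the search list decides which domain answers first for a short name, so the candidate list is worth reviewing whenever a domain is added to it.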
Important File Locations
The locations of the BIND configuration files vary by Linux distribution, as you will soon see.
RedHat / Fedora

On RedHat / Fedora, BIND normally runs as the named process owned by the unprivileged named
user.
Sometimes BIND is also installed using Linux's chroot feature to not only run named
as user named, but also to limit the files named can see. When installed this way, named is fooled
into thinking that the directory /var/named/chroot is actually the root or / directory. Therefore,
named files normally found in the /etc directory are found in the /var/named/chroot/etc
directory instead, and those you'd expect to find in /var/named are actually located in
/var/named/chroot/var/named.
                                   The benefit of the chroot feature is that if a hacker enters your system via a BIND exploit, the
                                   hacker’s access to the rest of your system is isolated to the files under the chroot directory and
                                   nothing else. This type of security is also known as a chroot jail.
                                   You can determine whether you have the chroot add-on RPM by using this command, which
                                   returns the name of the RPM.

                                   [root@bigboy tmp]# rpm -q bind-chroot
                                   bind-chroot-9.2.3-13
                                   [root@bigboy tmp]#







104    Lovely Professional University