³×ÀÓµ¥¸óÀ» nobody·Î ¿î¿µÇϱâ

  Scott Wunsch, scott@wunsch.org <mailto:scott@wunsch.org>

  ¹ø¿ªÀÚ ÀÓ½Âȯkilhan@kldp.org <mailto:kilhan@kldp.org>
  v1.0, 13 March 2000

  ÀÚÀ¯·Ó°Ô È°¿ëÇϼŵµ ÁÁ°í ¹ø¿ªÀÚ°¡ ´©±¸ÀÎÁö ¾Ë·Á Áּŵµ ÁÁ½À´Ï´Ù.
  ¹ø¿ª¿¡ ¹®Á¦°¡ Àְųª ¼öÁ¤Çϼż­ Àú¿¡°Ô ¾Ë·Á ÁÖ½Ã¸é ¾÷µ¥ÀÌÆ® ÇÒ¼ö
  ÀÖµµ·Ï ³ë·ÂÇÏ°Ú½À´Ï´Ù.  ÀÌ ¹®¼­´Â ´ÙÀ½°ú °°Àº copyright¸¦ °®½À´Ï´Ù.
  Copyright ¨Ï Scott Wunsch, 2000.  This document may be distributed
  only subject to the terms set forth in the LDP licence at http://meta­
  lab.unc.edu/LDP/COPYRIGHT.html.  This HOWTO is free documentation; you
  can redistribute it and/or modify it under the terms of the LDP
  licence.  It is distributed in the hope that it will be useful, but
  without any warranty; without even the impled warranty of mer­
  chantability or fitness for a particular purpose.  See the LDP licence
  for more details.  °³³äÀ» Á¤¸®Çϱ⠺¸´Ù´Â ½ÇÁ¦ÀûÀ¸·Î À¯¿ëÇÏ°Ô ¾²Àϼö
  ÀÖµµ·Ï ¼³Ä¡¸¦ Áö¿øÇØÁÖ´Â ¹®¼­·Î ÀÛ¼ºÇÏ¿´½À´Ï´Ù.
  ______________________________________________________________________

  ¸ñÂ÷

  1. BIND¼³Ä¡Áغñ
     1.1 ¾î¶»°Ô?
     1.2 ¿Ö?
     1.3 ¾îµð¼­?
     1.4 How?
     1.5 Disclaimer

  2. Preparing the Jail (chroot¸¦ À§ÇÑ Áغñ)
     2.1 »ç¿ëÀÚ¸¦ Ãß°¡ÇÕ´Ï´Ù.
     2.2 µð·ºÅ丮 ±¸Á¶
     2.3 ±âÁ¸ÀÇ BINDÁ¤º¸¸¦ ¿Å°Ü ¿ÀÀÚ.
     2.4 ½Ã½ºÅÛ¿¡¼­ ÇÊ¿äÇÑ È­ÀÏ Ãß°¡
     2.5 ·Î±×»ý¼º

  3. BIND¸¦ ÄÄÆÄÀÏ ÇÕ´Ï´Ù.
     3.1 °æ·Î¸¦ ¼öÁ¤ÇØ ÁÝ´Ï´Ù.
     3.2 È­ÀÏÀ» »ý¼ºÇÕ´Ï´Ù.

  4. »õ·Ó°Ô ¸¸µé¾îÁø BIND¸¦ ¼³Ä¡ ÇÕ´Ï´Ù.
     4.1 chroot¹Û¿¡¼­ÀÇ ¼³Ä¡
     4.2 chroot¾È¿¡¼­ÀÇ ¼³Ä¡
     4.3 ½ÃÀÛ ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÕ´Ï´Ù.
     4.4 ¼³Á¤ º¯°æ

  5. BIND¸¦ ½ÇÇàÇÕ´Ï´Ù.

  ______________________________________________________________________

  1.  BIND¼³Ä¡Áغñ

  1.1.  ¾î¶»°Ô?

  ÀÌ ¹®¼­´Â BINDÆÐÅ°Áö¸¦ ¼³Ä¡ ÇÒ¶§ Ãß°¡ÀûÀÎ º¸¾È»çÇ׿¡ ´ëÇÏ¿© ¼³¸íÇÑ´Ù.
  ±×°ÍÀº bindÆÐÅ°Áö°¡ 'chroot'¿ÜºÎ·Î Àаųª ´Ù¸¥ Çã°¡±ÇÀ» °¡Áú¼ö ¾øµµ·Ï
  ¼³Á¤Çϴ°ÍÀ» ÀǹÌÇÑ´Ù.  ¶ÇÇÑ ÀÌ°ÍÀº 'root'(½Ã½ºÅÛ °ü¸®ÀÚ)ÀÌ¿ÜÀÇ
  »ç¿ëÀڷμ­ ¼³Á¤ÇÒ¼ö ÀÖµµ·Ï ÇÒ°ÍÀÌ´Ù.  chroot¿¡ µÚÀÇ ÀÌ °úÁ¤Àº
  °£´ÜÇÏ´Ù. BIND³ª ´Ù¸¥ ¾î¶² processµµ chroot ¿¡¼­ ¼öÇàµÇµµ·Ï Çϸé
  chroot Àܸ̿¦ º¸°Å³ª ´Ù¸¥ filesystemÀ» Àд°ÍÀº ºÒ°¡´ÉÇÏ´Ù.  ¿¹¸¦ µé¸é
  ÀÌ ¹®¼­ ¾È¿¡¼­ BIND¸¦ µð·ºÅ丮/chroot/named¿¡ chrootedµÇ°Ô ¼³Á¤ÇÒ
  °ÍÀÌ´Ù.  ±×·¸°Ô µÈ´Ù¸é BIND·Î½á´Â ÀÌ ¹®¼­°¡ ÀÖ´Â ÇöÀç µð·ºÅ丮¸¦ /
  À¸·Î ¾Ë°ÔµÈ´Ù.Áï chroot ¿ÜÀÇ µð·ºÅ丮¿¡ ´ëÇÑ Çã°¡±ÇÀÌ ¾ø¾îÁö´Â°ÍÀÌ´Ù.
  ¾Æ¸¶ Anonymous FTP·Î ¼­ºñ½º Çϴ°÷¿¡ ·Î±×ÀÎ ÇÏ¿´´Ù¸é chroot¿¡ ´ëÇؼ­
  ¾Ë°ÍÀÌ´Ù.

  1.2.  ¿Ö?

  chroot·Î BIND¸¦ ¿î¿µÇÏ´Â °ÍÀº ¾ÇÀÇÀûÀÎ »ç¿ëÀÚµé·ÎºÎÅÍ BIND¸¦ ¿î¿µ½Ã
  ¹ß»ýÇÒ¼ö ÀÖ´Â À§ÇèÀ» Á¦ÇÑ Çϱâ À§ÇÔÀÌ´Ù.  °°Àº ÀÌÀ¯·Î BIND¸¦
  root(½Ã½ºÅÛ ¿î¿µÀÚ)°¡ ¾Æ´Ñ »ç¿ëÀڷκÎÅÍ ¿î¿µÇÏ°íÀÚ ÇÑ´Ù.

  1.3.  ¾îµð¼­?

  ¹®¼­ÀÇ ÃÖ±ÙÀº ´ÙÀ½¿¡¼­ ¾òÀ»¼ö ÀÖ´Ù.  www.losurs.org/docs/howto/Chroot-
  BIND.html BIND´Â the Internet Software Consortium ¿¡¼­
  Áïwww.isc.org/bind.html ¿¡¼­ ¾òÀ»¼ö ÀÖ°í ÃÖ±ÙÀÇ °¡Àå ÃֽŠ¹öÀüÀº
  8.2.2_P5 ÀÌ´Ù.  1.4¿Í 1.5´Â »ý·«ÇÕ´Ï´Ù.

  1.4.  How?

  wrote this document based on my experiences in setting BIND up in a
  chroot environment. In my case, I already had an existing BIND
  installation in the form of a package that came with my Linux
  distribution. I'll assume that most of you are probably in the same
  situation, and will simply be transferring over and modifying the
  configuration files from your existing BIND installation, and then
  removing the package before installing the new one. Don't remove the
  package yet, though; we may want some files from it first.  If this is
  not the case for you, you should still be able to follow this
  document. The only difference is that, where I refer to copying an
  existing file, you first have to create it yourself. The DNS HOWTO may
  be helpful for this.

  1.5.  Disclaimer

  These steps worked for me, on my system. Your mileage may vary. This
  is but one way to approach this; there are other ways to set the same
  thing up (although the general approach will be the same).  My BIND
  experience to date has been installing on Linux servers. However, most
  of the instructions in this document should be easily applicable to
  other flavours of UNIX as well, and I shall try to point out
  differences of which I am aware.

  2.  Preparing the Jail (chroot¸¦ À§ÇÑ Áغñ)

  2.1.  »ç¿ëÀÚ¸¦ Ãß°¡ÇÕ´Ï´Ù.

  (¿øº»±Û¿¡¼­´Â named »ç¿ëÀÚ¸¦ Ãß°¡ÇÏ¿´½À´Ï´Ù. ¹ø¿ª±Û¿¡¼­´Â nobody¸¦
  »ç¿ëÇϱ⿡ ´ëºÎºÐÀÇ °èÁ¤¿¡¼­´Â ÀÌ¹Ì »ý¼ºµÇ¾î ÀÖÀ»°Í ÀÔ´Ï´Ù.)
  /etc/passwd ¿¡ ´ÙÀ½À» Ãß°¡ÇÑ´Ù.
  named:x:200:200:Nameserver:/chroot/named:/bin/false /etc/group ¿¡
  ´ÙÀ½À» Ãß°¡ÇÑ´Ù.  named:x:200: ¼ÐÀ» /bin/false¸¦ ÁØ°ÍÀº ·Î±×¿Â ÇÏÁö
  ¸øÇÏ°Ô Çϱâ À§ÇÔÀÌ´Ù.

  2.2.  µð·ºÅ丮 ±¸Á¶

  ´ÙÀ½°ú °°Àº µð·ºÅ丮 ±¸Á¶¸¦ ¸¸µéÀÚ.

  /chroot
    +-- named
         +-- bin +-- dev +-- etc |    +-- namedb +-- lib +-- var
              +-- run

  2.3.  ±âÁ¸ÀÇ BINDÁ¤º¸¸¦ ¿Å°Ü ¿ÀÀÚ.

  ÀÌ¹Ì ±âÁ¸ÀÇ BIND¸¦ ¼³Ä¡Çϰųª ¿î¿µÇØ¿À°í ÀÖÀ» °æ¿ì named.conf³ª
  zoneÈ­ÀÏÀÌ ÀÖÀ»°æ¿ì chroot º¹»ç(À̵¿)·Î º¹»ç´À À̵¿À» ÇÑ´Ù.
  /etc/named.conf ´Â /chroot/named/etc ·Î zoneÈ­ÀÏÀº
  /chroot/named/etc/namedb·Î ¿Å±ä´Ù.  ¿¹¸¦ µé¸é ´ÙÀ½°ú °°´Ù.

  # cp -p /etc/named.conf /chroot/named/etc/ # cp -a /var/named/*
  /chroot/named/etc/namedb/

  ¸¸¾à master°¡ ¾Æ´Ñ slave·Î bind¸¦ ¿î¿µÇÏ°íÀÚ Çϰųª ±âŸ ¿©·¯°¡Áö
  ÀÌÀ¯·Î BIND°¡ zoneÈ­ÀÏ¿¡ Çã°¡±ÇÀÌ ÀÖ¾î¾ß ÇÒ°ÍÀÌ´Ù.  ´ÙÀ½¿¹¿Í °°ÀÌ
  ¼ÒÀ¯±ÇÀ» ¹Ù²ÙÀÚ # chown -R named:named /chroot/named/etc/namedb
  (Âü°í·Î º»ÀÎÀº nobody·Î ¿î¿µÇϱ⸦ À©ÇßÀ¸¹Ç·Î # chown -R nobody:nobody
  /chroot/named/etc/namedb ÇØÁÖ¾ú½À´Ï´Ù.)  BIND´Â ¶ÇÇÑ /var/run¿¡
  pidÈ­ÀÏ°ú ndc¿¡¼­ »ç¿ëÇÏ´Â socket¸¦ ÀûÀ»¼ö ÀÖ´Â Çã°¡±ÇÀÌ ÇÊ¿ä ÇÕ´Ï´Ù.
  µû¶ó¼­ ´ÙÀ½¿¹¿Í °°ÀÌ ¼ÒÀ¯±ÇÀ» ÁÝ´Ï´Ù.  # chown named:named
  /chroot/named/var/run (Âü°í·Î º»ÀÎÀº nobody·Î ¿î¿µÇϱ⸦ À©ÇßÀ¸¹Ç·Î #
  chown -R nobody:nobody /chroot/named/var/run ÇØÁÖ¾ú½À´Ï´Ù.)

  2.4.  ½Ã½ºÅÛ¿¡¼­ ÇÊ¿äÇÑ È­ÀÏ Ãß°¡

  BIND¸¦ chroot¿¡¼­ ¿î¿µÇÏ°Ô µÇ¸é chroot¿Ü¿¡´Â Çã°¡±ÇÀÌ ¾ø±â ¶§¹®¿¡
  ¸î°³ÀÇ È­Àϵé(ƯÈ÷ ½Ã½ºÅÛ ¶óÀ̺귯¸®) ÀÌ ÇÊ¿ä ÇÕ´Ï´Ù.  ¾Æ·¡ÀÇ ¸í·É¾î´Â
  ÇÊ¿äÇÑ ¶óÀ̺귯¸®¸¦ chroot¾È¿¡¼­ ÀÐÀ»¼ö ÀÖµµ·Ï ÇØÁÖ´Â ÀÛ¾÷ÀÔ´Ï´Ù.
  º¸ÅëÀÇ LINUX¸Ó½®¿¡¼­´Â ÀÛµ¿µÉ°Í ÀÔ´Ï´Ù.

  # cd /chroot/named/lib # cp -p /lib/libc-2.*.so .  # ln -s libc-2.*.so
  libc.so.6 # cp -p /lib/ld-2.*.so .  # ln -s ld-2.*.so ld-linux.so.2

  BIND°¡ chroot·Î ¿î¿µµÉ¶§´Â chroot¾È¿¡ /dev/nullÀÌ ÀÖ¾î¾ß ÇÕ´Ï´Ù.
  /dev/MKDEV ÀÇ ¸Þ´º¾óÀ̳ª mknodÀÇ ¸Þ´º¾óÀ» È®ÀÎÇØ º¸½Ê½Ã¿ä.  ¾Æ·¡ÀÇ
  ¸í·ÉÇàÀº º¸ÅëÀÇ LINUX¸Ó½®¿¡¼­´Â ÀÛµ¿µÉ°Í ÀÔ´Ï´Ù.  # mknod
  /chroot/named/dev/null c 1 3 ¸¶Áö¸·À¸·Î /etc µð·ºÅ丮¸¦ chroot¾È¿¡
  ¿ª½Ã ¸¸µé¾î¾ß ÇÕ´Ï´Ù.  ±×¸®°í /etc/localtimeÈ­ÀÏÀ» chroot¾ÈÀ¸·Î º¹»ç
  Çؾ߸¸ BIND log°¡ Á¤È®ÇÑ ½Ã°£¿¡ ±â·ÏµÉ°ÍÀÔ´Ï´Ù.  ¶ÇÇÑ °£´ÜÇÑ
  groupÈ­ÀÏÀ» »ý¼ºÇؾßÇÒ°Í ÀÔ´Ï´Ù.  ´ÙÀ½ÀÇ ¸í·ÉÇàÀ» Âü°í Çϼ¼¿ä # cp
  /etc/localtime /chroot/named/etc/ # echo 'named:x:200:' >
  /chroot/named/etc/group (óÀ½¿¡ ¸¸µé¶§ ¿øº»¿¡¼­ GID 200À» ÁØ°ÍÀ» ÁÖÀÇ
  ÇϽʽÿä Àú´Â nobody·Î »ý¼ºÇϱ⠶§¹®¿¡ echo 'nobody:x:99:' >
  /chroot/named/etc/group ÇÏ¿´½À´Ï´Ù)

  2.5.  ·Î±×»ý¼º

  sysclogd¸¦ ÅëÇÏ¿© ·Î±×¸¦ »ý¼ºÇÏ´Â ¹æ¹ýÀº µÎ°¡Áö°¡ ÀÖ´Ù°í ÇÕ´Ï´Ù.
  ÀÌ°ÍÀº ½Ã½ºÅÛ ¸¶´Ù ¼³Á¤ÀÌ ´Ù¸¦¼ö Àֱ⠶§¹®¿¡ RedHat¿¡¼­ »ç¿ëÇÏ´Â
  ù¹ø° ¹æ¹ý¸¸ ¼³¸íÇÏ°Ú½À´Ï´Ù.  º¸Åë syslogd´Â ´ÙÀ½ÀÇ È­ÀÏÀ» ÅëÇÏ¿©
  ¿î¿µµË´Ï´Ù.  /etc/rc.d/init.d/syslog ÀÌ È­ÀÏÀ» ¾Æ·¡ ºÎºÐÀº °íÃÄ
  Áֽʽÿä daemon syslogd -m 0 À» ÀÌ·¸°Ô daemon syslogd -m 0 -a
  /chroot/named/dev/log °íÃÆÀ¸´Ï µ¥¸óÀ» À籸µ¿ ÇϽʽÿä.

  # /etc/rc.d/init.d/syslog stop
  #/etc/rc.d/init.d/syslog start

  ¾Æ·¡¿Í °°Àº È­ÀÏÀÌ ¹ß°ßµÇ¸é Á¤»óÀûÀΰÍÀÔ´Ï´Ù.

    /chroot/named/dev
  srw-rw-rw-   1 root     root            0 Mar 13 20:58 log
  ´Ù¸¥ ¹æ¹ýÀº..  If you have an older syslogd, then you'll have to find
  another way to do your logging. There are a couple programs out there,
  such as holelogd, which are designed to help by acting as a ``proxy''
  and accepting log entries from the chrooted BIND and passing them out
  to the regular /dev/log socket.  ÀÔ´Ï´Ù.

  3.  BIND¸¦ ÄÄÆÄÀÏ ÇÕ´Ï´Ù.

  www.isc.org/bind.html <http://www.isc.org/bind.html> ³ª ´Ù¸¥ ¹Ì·¯
  ½ÎÀÌÆ®¿¡ °¡¼­ ÃÖ½ÅÀÇ bind¸¦ ±¸ÇÕ´Ï´Ù.

  3.1.  °æ·Î¸¦ ¼öÁ¤ÇØ ÁÝ´Ï´Ù.

  (confusingÇÒ¼ö ÀÖ´Ù°í ÇÕ´Ï´Ù. ^^) ±âº» µð·ºÅ丮´Â /var/runÀÌ°í ÀÌ°ÍÀº
  chroot¾È¿¡ À§Ä¡½ÃÄÑ¾ß ÇÕ´Ï´Ù.  ndc¶ÇÇÑ ´Ù¸¥ µð·ºÅ丮¿¡ À§Ä¡Çϱ⠶§¹®¿¡
  ¼öÁ¤ÇØÁÖ¾î¾ß ÇÕ´Ï´Ù.  ¸®´ª½º ½Ã½ºÅÛÀ̶ó°í °¡Á¤ÇÏ°í ´ÙÀ½ È­ÀÏÀ» ´ÙÀ½°ú
  °°ÀÌ ¼öÁ¤ÇØ ÁÝ´Ï´Ù.  src/port/linux/Makefile.set ÀÇ È­Àϳ»ºÎÀÇ
  DESTRUN=/var/run À» DESTRUN=/chroot/named/var/run À¸·Î ¼öÁ¤ÇØ ÁÝ´Ï´Ù.
  (While you're in there, you may want to change the other destination
  paths from /usr to /usr/local. ) ³×ÀÓ µ¥¸ó¸¸ »©°í´Â ¸ðµÎ chroot¾È¿¡¼­
  Á»´õ ¼öÁ¤ÇØ ÁÝ´Ï´Ù.  src/bin/named/named.h È­ÀÏÀº #include
  "pathnames.h" À» #define _PATH_NDCSOCK    "/var/run/ndc" À¸·Î ¼öÁ¤ÇØ
  ÁÝ´Ï´Ù.

  3.2.  È­ÀÏÀ» »ý¼ºÇÕ´Ï´Ù.

  INSTALLÈ­ÀÏÀ» ÀÐ¾î º¸°í º¸Åë ¼³Ä¡¸¦ Çϳª ÀÌ °÷¿¡¼­´Â ¸¸µé±â¸¸ ÇÏÁö
  ¼³Ä¡¸¦ ÇÏÁö´Â ¾Ê½À´Ï´Ù.  ¹°·Ð À̰͵µ INSTALLÈ­ÀÏ¿¡ ÀûÇôÀÖ´Â °Í°ú
  ´Ù¸£Áö ¾Ê½À´Ï´Ù.  ¾Æ·¡¿Í °°ÀÌ º¸Åë ¸í·ÉÇàÀ» ÀÔ·ÂÇØ ÁÝ´Ï´Ù.

  #make clean #make depend #make

  4.  »õ·Ó°Ô ¸¸µé¾îÁø BIND¸¦ ¼³Ä¡ ÇÕ´Ï´Ù.

  º¸Åë ÀÌÀü¿¡ rpmÀ̳ª ±âŸ ´Ù¸¥°ÍÀ¸·Î ¼³Ä¡µÇ¾î Àִ°ÍÀÌ ÀÖ´Ù¸é Á¦°Å Çصµ
  ÁÁ½À´Ï´Ù.  RedHatÀ» »ç¿ëÇÏ´Â Linux¶ó¸é bind, bind-utils, bind-devel,
  caching-nameserverÀÌ ¼³Ä¡µÇ¾î ÀÖÀ»°ÍÀÔ´Ï´Ù.  /etc/rc.d/init.d/named
  ½ºÅ©¸³Æ®°¡ ÀÖ´Ù¸é Áö¿ì±âÀü¿¡ º¸°üÇϴ°ÍÀÌ ÁÁÀ»°ÍÀÔ´Ï´Ù.

  4.1.  chroot¹Û¿¡¼­ÀÇ ¼³Ä¡

  This is the easy part :-).  /usr/local/sbin/named µ¥¸óÀ» ½Ç¼ö ¹æÁö¸¦
  À§ÇØ ±ÇÇÑÀ» 000ÁÝ´Ï´Ù.  #chmod 000 /usr/local/sbin/named

  4.2.  chroot¾È¿¡¼­ÀÇ ¼³Ä¡

  named daemon È­ÀÏ°ú named-xfer(zone trandfer¸¦ À§ÇÑ È­ÀÏ)À» º¸Åë º¹»ç
  ÇÕ´Ï´Ù.

   # cp src/bin/named/named /chroot/named/bin
  # cp src/bin/named-xfer/named-xfer /chroot/named/bin

  4.3.  ½ÃÀÛ ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÕ´Ï´Ù.

  º¸Åë RedHat 6.0 system¿¡¼­´Â ´ÙÀ½°ú °°½À´Ï´Ù.  -u ´Â ½ÇÇàµÈ ÈÄ¿¡
  ³×Àμ­¹öÀÇ º¯°æµÉ »ç¿ëÀÚ ID¸¦ ¸»ÇÕ´Ï´Ù.  -g ´Â ½ÇÇàµÈ ÈÄ¿¡ ³×Àμ­¹öÀÇ
  º¯°æµÉ »ç¿ëÀÚ group¸¦ ¸»ÇÕ´Ï´Ù.  -t ´Â chroot¸¦ Àû¿ëÇÒ µð·ºÅ丮¸¦
  ¸»ÇÕ´Ï´Ù.  >>>>daemon /chroot/named/bin/named -u named -g named -t
  /chroot/named ¿øº»¿¡´Â À§¿Í °°¾ÒÀ¸³ª Àú´Â ¾Æ·¡°°ÀÌ ¼öÁ¤ÇÏ¿´½À´Ï´Ù.
  >>>>daemon /chroot/named/bin/named -u nobody -g nobody -t
  /chroot/named

  ¾Æ·¡ ½ºÅ©¸³Æ®´Â /etc/rc.d/init.d/named ¿¡ ÀúÀå ÇÕ´Ï´Ù.

   #!/bin/sh #
  #named           This shell script takes care of starting and stopping #
  named (BIND DNS server).  # # chkconfig: 345 55 45 # description: named
  (BIND) is a Domain Name Server (DNS) \ # that is used to resolve host
  names to IP addresses.  # probe: true
  # Source function library.  . /etc/rc.d/init.d/functions
  # Source networking configuration.  . /etc/sysconfig/network
  # Check that networking is up.  [ ${NETWORKING} = "no" ] && exit 0
  [ -f /chroot/named/bin/named ] || exit 0
  [ -f /chroot/named/etc/named.conf ] || exit 0
  # See how we were called.  case "$1" in
    start)
          # Start daemons.  echo -n "Starting named: " daemon
          /chroot/named/bin/named -u named -g named -t /chroot/named echo
          touch /var/lock/subsys/named ;;
    stop)
          # Stop daemons.  echo -n "Shutting down named: " killproc named
          rm -f /var/lock/subsys/named echo ;;
    status)
          /usr/local/sbin/ndc status exit $?  ;;
    restart)
          /usr/local/sbin/ndc restart exit $?  ;;
    reload)
          /usr/local/sbin/ndc reload exit $?  ;;
    probe)
          # named knows how to reload intelligently; we don't want linuxconf
          # to offer to restart every time /usr/local/sbin/ndc reload
          >/dev/null 2>&1 || echo start exit 0 ;;
    *)
          echo "Usage: named {start|stop|status|restart}" exit 1
  esac
  exit 0

  4.4.  ¼³Á¤ º¯°æ

  named.conf ¿¡ Àû¿ëµÈ ¼³Á¤ ¸î°³¸¦ º¯°æÇØ¾ß ÇÒÁöµµ ¸ð¸¨´Ï´Ù.  º¯°æÇؾß
  ÇҰ͵éÀº ¾Æ·¡¿¹µé µîÀÔ´Ï´Ù.

  directory "/etc/namedb"; pid-file "/var/run/named.pid"; named-xfer
  "/bin/named-xfer";

  (%ÁÖÀÇ%) Àý´ë directory ¾È¿¡´Ù°¡ /chroot/named/etcÀ¸·Î ÀûÁö ¸¶½Ê½Ã¿ä
  /chroot°¡ /¶ó°í »ý°¢ÇϹǷΠÀ§¿¡ ¼³Á¤´ë·Î ÁøÇàÇÏ¿´´Ù¸é º¸Åë /etc/namedb
  ÀÌ·¸°Ô µÉ°Í ÀÔ´Ï´Ù.

  5.  BIND¸¦ ½ÇÇàÇÕ´Ï´Ù.

  º¸Åë RedHat 6.0 system¿¡¼­´Â ´ÙÀ½°ú °°½À´Ï´Ù.  /etc/rc.d/init.d/named
  start ¿¹Àü ¹öÀüÀ̳ª ÀÌ¹Ì ½ÃÀ۵Ǿî ÀÖ´ø°ÍÀÌ ÀÛµ¿Çϴ°ÍÀÌ ¾Æ´ÑÁö ÁÖÀÇ
  ÇϽʽÿä Á¦´ë·Î µÇÁö ¾Ê¾Ò´Ù¸é log³ª ¼³Á¤À» »ìÇǽʽÿÀ.  ¾ðÁ¦³ª
  ±×·¸µíÀÌ ¹«¼Ò½ÄÀÌ Èñ¼Ò½ÄÀÔ´Ï´Ù.^^