This is a discussion on Re: Number of CPUs detected by Bind 9.4.2 on 4 CPU system running RedHat es 4. - DNS ; This access can be limited using GRSecurity. Chris Buxton Professional Services Men & Mice On Apr 1, 2008, at 8:20 AM, Jeff Lightner wrote: > I'm sorry but doesn't this risk someone getting into your chroot > environment and changing ...
This access can be limited using GRSecurity.
Men & Mice
On Apr 1, 2008, at 8:20 AM, Jeff Lightner wrote:
> I'm sorry but doesn't this risk someone getting into your chroot
> environment and changing your SCSI setup or other things which is done
> by echoing things into /proc/scsi/...? If it's really required should
> it be a read only mount? The whole point of chroot is to limit what
> can be accessed if the chroot environment is compromised. Giving
> access to something like /proc seems counterintuitive to me.
> I feel I'm missing something important here.
> -----Original Message-----
> From: firstname.lastname@example.org [mailto:email@example.com] On
> Behalf Of greg kuechle
> Sent: Tuesday, April 01, 2008 11:09 AM
> To: Adam Tkac
> Cc: firstname.lastname@example.org
> Subject: Re: Number of CPUs detected by Bind 9.4.2 on 4 CPU system
> running RedHat es 4.
> On Tue, Apr 1, 2008 at 6:23 AM, Adam Tkac
>> On Mon, Mar 31, 2008 at 11:59:10AM -0600, greg kuechle wrote:
>>> I have install bind 9.4.2 on a system with 4 CPUs running RedHat
> es4. I
>>> compiled named with the --enable-threads and used the -n 4 flag
> when I
>>> start named.
>>> Mar 31 10:12:24 ******** named: starting BIND 9.4.2 -t
>>> -u named -n 4 -c /etc/named.conf
>>> Mar 31 16:12:24 ******** named: found 1 CPU, using 4 worker
>>> Before I upgraded the system it was running an older version of
>>> comes packaged with the OS.
>>> Here is the output from the logfile.
>>> Mar 24 11:34:13 ******** named: starting BIND 9.2.4
>>> Mar 24 11:34:13 ******** named: using 4 CPUs
>>> Did I compile named wrong?
>>> Will BIND 9.4.2 use all of the CPUs if I use the -n 4 option at
>>> It looks like named is only running on one CPU. Will named start
>>> other CPUs once one CPU is up to 100% ?
>>> Thank you for any help.
>> I think you forgot mount /proc filesystem into chroot. You can try it
>> with /proc mounted in chroot (for example $mount --bind /proc
>> Adam Tkac, Red Hat, Inc.
> Thank you Adam,
> That did the trick. I mounted /proc in chroot and restarted named.
> I am still using the -n 4 switch. The log output is:
> Apr 1 14:01:58 dnsserver-1 named: found 4 CPUs, using 4 worker
> When I run a ps -ef | grep name I only see one named process
> running. Is
> this correct ?
> I thought I would see 4 running.
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or
> confidential information and is for the sole use of the intended
> recipient(s). If you are not the intended recipient, any disclosure,
> copying, distribution, or use of the contents of this information is
> prohibited and may be unlawful. If you have received this electronic
> transmission in error, please reply immediately to the sender that
> you have received the message in error, and delete it. Thank you.