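Running named in a chroot restricts the daemon's view of the filesystem to /var/named/chroot, which limits what can be reached if named is compromised. Install the BIND chroot package and create the directory the chroot environment needs: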
[root@dlp ~]# dnf -y install bind-chroot
[root@dlp ~]# mkdir /var/named/chroot/usr/lib64/named
[root@dlp ~]# /usr/libexec/setup-named-chroot.sh /var/named/chroot on
Disable and stop the regular BIND service and enable the BIND Chroot service:
[root@dlp ~]# systemctl disable --now named
[root@dlp ~]# systemctl enable --now named-chroot
In the chroot environment, the configuration file is /var/named/chroot/etc/named.conf, and zone files are placed under /var/named/chroot/var/named/. When making modifications, edit the files under the /var/named/chroot directory.
View the directory structure in the Chroot environment:
[root@dlp ~]# ll /var/named/chroot/etc
Output:
total 708
drwxr-x---. 3 root named 23 Jan 11 09:33 crypto-policies
-rw-r--r--. 2 root root 309 Nov 6 00:46 localtime
drwxr-x---. 2 root named 6 Nov 27 00:19 named
-rw-r-----. 1 root named 2390 Jan 11 09:28 named.conf
-rw-r-----. 1 root named 1029 Nov 27 00:19 named.rfc1912.zones
-rw-r--r--. 1 root named 686 Nov 27 00:19 named.root.key
drwxr-x---. 3 root named 25 Jan 11 09:33 pki
-rw-r--r--. 1 root root 6568 Jun 23 2020 protocols
-rw-r-----. 1 root named 100 Jan 11 09:22 rndc.key
-rw-r--r--. 1 root root 692252 Jun 23 2020 services
[root@dlp ~]# ll /var/named/chroot/var/named
Output:
total 24
-rw-r--r--. 1 root root 313 Jan 11 09:21 0.0.10.db
drwxr-x---. 8 root named 73 Jan 11 09:33 chroot
drwxrwx---. 2 named named 23 Jan 11 09:22 data
drwxrwx---. 2 named named 108 Jan 11 09:38 dynamic
-rw-r-----. 1 root named 2253 Nov 27 00:19 named.ca
-rw-r-----. 1 root named 152 Nov 27 00:19 named.empty
-rw-r-----. 1 root named 152 Nov 27 00:19 named.localhost
-rw-r-----. 1 root named 168 Nov 27 00:19 named.loopback
drwxrwx---. 2 named named 6 Nov 27 00:19 slaves
-rw-r--r--. 1 root root 404 Jan 11 09:30 emc.world.lan
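BIND now runs inside the chroot environment, and you manage it by editing the configuration files and zone files located under /var/named/chroot. Keep named.conf and rndc.key owned by root with group named and mode 0640, as in the listing above, so that only root and the named group can read them. After a change, check the configuration with named-checkconf -t /var/named/chroot /etc/named.conf before restarting named-chroot.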