From 6a8cce5274fcbd4c726909e61d4403eb0133cf09 Mon Sep 17 00:00:00 2001
From: Matthijs Kooijman <matthijs@stdin.nl>
Date: Sun, 30 Jan 2011 12:01:50 +0100
Subject: [PATCH] nsd: Run in a chroot.

---
 etc/nsd3/nsd.conf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/etc/nsd3/nsd.conf b/etc/nsd3/nsd.conf
index 692421d..b54b847 100644
--- a/etc/nsd3/nsd.conf
+++ b/etc/nsd3/nsd.conf
@@ -26,7 +26,7 @@ server:
 	# ip6-only: no
 	
 	# the database to use
-	# database: "/var/lib/nsd3/nsd.db"
+	database: "/var/lib/nsd3/nsd.db"
 
 	# identify the server (CH TXT ID.SERVER entry).
 	# identity: "unidentified server"
@@ -41,7 +41,7 @@ server:
 	# tcp-count: 10
 
 	# File to store pid for nsd in.
-	# pidfile: "/var/run/nsd3/nsd.pid"
+	pidfile: "/var/lib/nsd3/nsd.pid"
 
 	# port to answer queries on. default is 53.
 	# port: 53
@@ -51,7 +51,7 @@ server:
 
 	# Run NSD in a chroot-jail.
 	# make sure to have pidfile and database reachable from there.
-	# chroot: "/etc/nsd3"
+	chroot: "/var/lib/nsd3/"
 
 	# After binding socket, drop user privileges.
 	# can be a username, id or id.gid.
@@ -62,7 +62,7 @@ server:
 
 	# The file where incoming zone transfers are stored.
 	# run nsd-patch to update zone files, then you can safely delete it.
-	# difffile: "/etc/nsd3/ixfr.db"
+	difffile: "/var/lib/nsd3/ixfr.db"
 
 	# The file where secondary zone refresh and expire timeouts are kept.
 	# If you delete this file, all secondary zones are forced to be 
-- 
2.30.2