[Samba] Domain controller in a chroot

Sébastien Le Ray sebastien-samba at orniz.org
Tue Mar 17 03:03:29 MDT 2015


The goal of the chroot is to split the two roles, not to provide any 
additional security


Le 17/03/2015 10:01, Sven Schwedas a écrit :
> On 2015-03-17 09:27, Sébastien Le Ray wrote:
>> Hi list,
>> Since it is considered “harmful” to run a domain controller that acts a
>> fileserver I was considering the option of putting the AD DC into a
>> chroot. Is there any special configuration to perform (except bind
>> interfaces) to avoid conflicts ? (is there any broadcasting issues or so?)
> chroot is not a security feature and trivial to break out of, as the AD
> DC dæmon runs as root.
>> Regards
>> -- 
>> Sébastien Le Ray

More information about the samba mailing list