> > > > named[9291]: could not open entropy source /dev/arandom: file not found
> > > > named[9291]: using pre-chroot entropy source /dev/arandom
> > >
> > > The above logs say to me "can't so this, so doing this instead."
> > >
> > > Since it's using the pre-chroot /dev/arandom, it has a good random
> > > source and everything is fine there.
> >
> > Yes, but is named still chrooted under /var/named after doing this?
> > Because if it is, how can it use /dev/arandom?
>
> Once a file has been opened it is still available after chroot. Any new
> accesses are limited by chroot. It's like a suid program opening files
> or binding to a port < 1024 and then dropping priveleges, in a way.
Obviously, this is what I needed to know.
Thanks!
Jan
