> > > > named[9291]: could not open entropy source /dev/arandom: file not found > > > > named[9291]: using pre-chroot entropy source /dev/arandom > > > > > > The above logs say to me "can't so this, so doing this instead." > > > > > > Since it's using the pre-chroot /dev/arandom, it has a good random > > > source and everything is fine there. > > > > Yes, but is named still chrooted under /var/named after doing this? > > Because if it is, how can it use /dev/arandom? > > Once a file has been opened it is still available after chroot. Any new > accesses are limited by chroot. It's like a suid program opening files > or binding to a port < 1024 and then dropping priveleges, in a way.
Obviously, this is what I needed to know. Thanks! Jan