From 62c96b27cddff872a02986188ee2b055408c0fff Mon Sep 17 00:00:00 2001
From: "Kyle J. McKay" <mackyle@gmail.com>
Date: Thu, 13 Nov 2014 12:39:05 -0800
Subject: [PATCH] cron: note in examples to run the chroot jail's sshd with -u0

---
 cron/README  | 3 +++
 cron/girocco | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/cron/README b/cron/README
index 31a791d..155968d 100644
--- a/cron/README
+++ b/cron/README
@@ -18,3 +18,6 @@ for that).
 IMPORTANT: Please also see the ../screen/README file to make sure
 that screen is properly configured to support this girocco cron
 file.
+
+NOTE: Running the chroot jail's sshd with -u0 is strongly recommended
+to avoid unnecessary DNS lookups.
diff --git a/cron/girocco b/cron/girocco
index b90cce1..1910742 100644
--- a/cron/girocco
+++ b/cron/girocco
@@ -29,7 +29,8 @@
 # should be run just before the chroot command:
 #   /sbin/devfs -m ~repo/j/dev ruleset 4
 #   /sbin/devfs -m ~repo/j/dev rule applyset
-@reboot		root	cd ~repo/j && /usr/sbin/chroot ~repo/j /sbin/sshd
+# Note that sshd is run with -u0 to avoid unnecessary DNS lookups
+@reboot		root	cd ~repo/j && /usr/sbin/chroot ~repo/j /sbin/sshd -u0
 
 #
 ## girocco tasks that run as repo
-- 
2.11.4.GIT