;
; RSBAC JAIL definition for pdnsd
; 20081407,20110113
;
; Installed versions:  1.2.8(10:37:18 10.11.2010)(urandom -debug -ipv6 -isdn -test)
;
; test by: Jens Kasten (igraltist)
; run on: Gentoo (hardened)
;
; daemon change user and group to pdnsd
;
 
""
"0.0.0.0"
(allow-external-ipc
 allow-dev-read
 allow-dev-write)
(net-raw
 sys-ptrace
 net-bind-service
 setgid
 setuid)
()
()

Deprecated:

;
; RSBAC JAIL definition for pdnsd
; 20081407
;
; Tested by:
; Jens Kasten (igraltist) on gentoo
;
 
""
"0.0.0.0"
(allow-dev-read
 allow-dev-write
 allow-inet-raw
 allow-ipc-syslog
 allow-ipc-parent)
(setgid
 setuid
 net-bind-service
 net-raw
 sys-ptrace
 sys-resource)
(sysctl)
(rlimit
 priority)
This is execute now:
rsbac_jail  -d -D -r -y -P -C  SETGID SETUID NET_BIND_SERVICE NET_RAW SYS_PTRACE SYS_RESOURCE -G  sysctl -M  rlimit priority start-stop-daemon  --start --quiet --exec /usr/sbin/pdnsd -- -t -s -d -p /var/run/pdnsd.pid