I'm a firm believer in chrooting services for some added security. I did this on FreeBSD 4.7-RELEASE, but this will probably also work on Linux, with some modifications. First, download and compile psyBNC as usual:

Next, create the chrooted area. I'm using /chroot for my daemons:

Copy over psyBNC's translations:

Copy over psyBNC's SSL certificates, if you compiled with SSL support:

Copy over the config files. I got these by running psyBNC with strace:

Copy over the libraries. I got these by runnning "ldd /chroot/psybnc/psybnc":

If you wish to use psyBNC's SSL encryption to connect to a IRC server, you'll need to create a device nodes for random and urandom inside the chroot. This can be accomplished in FreeBSD 5.x in the following way:

Note that if you simply wish to use SSL for the connection from your IRC client to the BNC, no device nodes are needed. You are now ready to start psyBNC with the command:

PsyBNC will give you it's PID (process ID) when it starts. You can check that the chroot is working by doing "ls -al /proc/<psybnc's PID>/file". If the output is similar to this:

lr-xr-xr-x  1 psybnc  psybnc  7 Feb 27 21:57 /proc/<psybnc's PID>/file -> /psybnc

then the chroot is working, congratulations!

On Linux, the same can be accomplished by doing "ls -la /proc/<psybnc's PID>/root", and it's output should be similar to:

lrwxrwxrwx  1 psybnc  psybnc   0 Feb 27 21:57 /proc/<psybnc's PID>/root -> /chroot/psybnc

Security Check. Please enter this code.