diff --git a/manifests/chroot/manual.pp b/manifests/chroot/manual.pp
index cbc2c84..d3fc3a3 100644
--- a/manifests/chroot/manual.pp
+++ b/manifests/chroot/manual.pp
@@ -14,7 +14,7 @@ class bind::chroot::manual(
 "${::bind::defaults::chroot_dir}/var/cache",
 "${::bind::defaults::chroot_dir}/var/run"]:
 ensure => directory,
- mode => '0660',
+ mode => '0661',
 require => Exec['mkdir-p-$chroot_dir'],
 }
 
@@ -48,13 +48,13 @@ class bind::chroot::manual(
 require => [ Exec['mknod-dev-null'], Exec['mknod-dev-random'], Exec['mknod-dev-urandom'] ],
 }
 exec { 'mv-etc-bind-into-jailed-etc':
- command => "mv ${::bind::defaults::confdir} ${::bind::defaults::chroot_dir}",
+ command => "mv ${::bind::defaults::confdir} ${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
 path => ['/bin', '/usr/bin'],
 unless => "test -d ${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
- require => [ File["${::bind::defaults::chroot_dir}/etc"] ]
+ require => [ Package['bind'], File["${::bind::defaults::chroot_dir}/etc"] ],
+ }
+ -> file { '/etc/bind':
+ ensure => link,
+ target => "${::bind::defaults::chroot_dir}${::bind::defaults::confdir}",
 }
- #-> file { '/etc/bind':
- # ensure => link,
- # target => "${::bind::defaults::chroot_dir}/${::bind::defaults::confdir}",
- #}
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 7681819..f3e9bed 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -38,6 +38,11 @@ class bind (
 name => $::bind::defaults::bind_package,
 }
 
+ if $chroot and $::bind::defaults::chroot_class {
+ # When using a dedicated chroot class, service declaration is dedicated to this class
+ class { $::bind::defaults::chroot_class : }
+ }
+
 if $dnssec {
 file { '/usr/local/bin/dnssec-init':
 ensure => present,
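Review bot: In manifests/chroot/manual.pp (hunk at -14,7), `mode => '0661'` gives every local account search access to all of the chroot directories managed by this resource, and nothing visible says why "other" needs it. Puppet already adds the search bit wherever the read bit is set on a directory, so owner and group could traverse these paths under the old value too; the only effective change is the world-execute bit. If the intent is to let the unprivileged named account enter the jail, setting `owner`/`group` on the resource and leaving "other" closed (for example `mode => '0750'`) is the narrower grant, with a comment naming the account that needs access. The resource's opening lines, including any `owner`/`group` it may already set, are outside the hunk.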
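Review bot: The re-enabled symlink in manifests/chroot/manual.pp (hunk at -48,13) hard-codes `'/etc/bind'` as its title while the `mv` command, the `unless` test and the link `target` all use `${::bind::defaults::confdir}`; wherever confdir is a different path, the link lands in the wrong place and the original config path is left missing. Titling it from the same variable keeps the three in step: `-> file { $::bind::defaults::confdir:`. Separately, the `unless` guard tests only for the jailed directory, so if the original confdir reappears as a real directory (after a package reinstall, presumably), `ensure => link` will not replace it without `force => true`; a comment should state which outcome is wanted. Both paths are also interpolated unquoted into the shell command, which holds only while they contain no whitespace or shell metacharacters.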
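Review bot: In manifests/init.pp (hunk at -38,6) the relocated `class { $::bind::defaults::chroot_class : }` is a plain resource-like declaration, so the chroot class is not contained in `bind`, and moving it up changes at most the default manifest ordering rather than creating a dependency. If the move is meant to guarantee that the jail and the confdir symlink exist before the configuration files further down are written, say so explicitly with `contain $::bind::defaults::chroot_class` or a `Class[$::bind::defaults::chroot_class] -> File[...]` chain on the affected resources. Without containment, anything outside this module that orders itself against `Class['bind']` will not wait for the chroot setup either. The body of `class bind` continues outside the hunk, so relationships declared elsewhere may already cover this.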
@@ -113,10 +118,6 @@ class bind (
 content => "};\n";
 }
 
- if $chroot and $::bind::defaults::chroot_class {
- # When using a dedicated chroot class, service declaration is dedicated to this class
- class { $::bind::defaults::chroot_class : }
- }
 # DO NOT declare a bind service when chrooting bind with bind::chroot::package class,
 # because it needs another dedicated chrooted-bind service (i.e. named-chroot on RHEL)
 # AND it also needs $::bind::defaults::bind_service being STOPPED and DISABLED.