Solved unbound log file

Hi!

I am using local_unbound from the base OS and DNS over TLS works. I tried to set up a logfile; it shows okay, but there is nothing in it.
In unbound.conf I have:
Code:
# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
server:
    username: unbound
    directory: /var/unbound
    chroot: /var/unbound
    pidfile: /var/run/local_unbound.pid
    auto-trust-anchor-file: /var/unbound/root.key
    logfile: /var/log/unbound.log
    log-queries: yes
include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/control.conf
include: /var/unbound/conf.d/*.conf
I added just two lines related to log.
And local-unbound-checkconf shows that there are no errors in /var/unbound/unbound.conf.

Thank you.
 
Hello there
What about unbound log file ownership? In FreeBSD set to unbound:wheel
Then the verbosity 1 to 5
verbosity: 1
# logfile
logfile: /var/unbound/unbound.log
# Optional: timestamp UTC ascii
log-time-ascii: yes
# Optional: debug only, more log info but server slower
log-queries: yes
#Unbound send log messages to syslogd, default: yes ; NO to log
use-syslog: no

Maybe chroot is not really necessary.
 
The logfile-path has to be in the chroot. In your case: /var/unbound/unbound.log
 
I switched to dns/unbound and I have the same problem.
Code:
logfile: /usr/local/etc/unbound/log/unbound.log
  log-time-ascii: yes
  log-queries: yes
  val-log-level: 2
Code:
chroot: /usr/local/etc/unbound
I made the directory "log" and created unbound.log with touch.

But nothing...empty.
 
I have something more.
In /etc/passwd I have:
Code:
unbound:*:59:59:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin[/
[CODE]unbound:*:59:
I do not know if was there default or local_unbound which I did use wrote in.
I am now using "unbound" from ports and /usr/local/etc/unbound

Thank you.
 
Dear fernandel,
please find below my working config serving the normal system plus a jail at 10.0.0.x as an example.
It configures the version available in ports and as pkg. I have the package installed.
Code:
server:
logfile: "/var/log/unbound.log"
auto-trust-anchor-file: "/var/unbound/root.key"
verbosity: 0
log-queries: yes
log-replies: yes
log-tag-queryreply: yes
log-local-actions: yes
log-servfail: yes
chroot: ""

    pidfile: "/var/run/unbound.pid"

port: 53    # port to answer queries from
do-ip4: yes    # Enable IPv4, "yes" or "no".
do-ip6: no    # Enable IPv6, "yes" or "no".
do-udp: yes    # Enable UDP, "yes" or "no".
do-tcp: yes

rrset-roundrobin: yes
minimal-responses: no
cache-min-ttl: 60
prefetch: no
prefetch-key: no
num-threads: 1  # 1 is enough for not heavy loaded server
use-syslog: yes
log-time-ascii: yes

    interface: 10.0.0.1
    interface: 127.0.0.1
    access-control: 10.0.0.0/8 allow
    access-control: 127.0.0.0/24 allow

include: /var/unbound/local-void.zones
There is no local_something in the lines. I use syslog. The include files I have really exist. You have lots of them. The entry in the password file about unbound is the same as the first line in your last post up to the bracket.
 
Dear fernandel,
please find below my working config serving the normal system plus a jail at 10.0.0.x as an example.
It configures the version available in ports and as pkg. I have the package installed.
Code:
use-syslog: yes
I use syslog. The include files I have really exist. You have lots of them. The entry in the password file about unbound is the same as the first line in your last post up to the bracket.
Did you edit a syslog.conf, please?
 
Code:
include: /var/unbound/control.conf
I don't comprehend the problem. But I can suggest a hint.
Local_unbound doesn't work well with the above. You need to run the local_unbound_setup or so in order to generate the key-pair for the control setup and that throws an error.

You can do away with the control or comment it out. By the way, the conf should contain info about the secret keys. I'm not sure I'm seeing them in your conf.

The Unbound in the ports works well with the control feature. And you can use the forward-zone (if my memory serves me right) to route dns traffic to PowerDNS/DNSDIST and DNSCRYPT. Unbound can also be linked to NSD for private domains.
 
Dear fernandel,

yes. Sorry that I forgot to add those two lines related to unbound as
Code:
!unbound
*.*                                             /var/log/unbound.log
Yes, I did but I went to my first unbound.conf and it works:
Code:
...
directory: /usr/local/etc/unbound
chroot: /usr/local/etc/unbound
logfile: /usr/local/etc/unbound/unbound.log
...
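
The two points the thread turns on (a logfile: path is resolved inside the chroot, and use-syslog: yes sends output to syslogd instead of the file), as an added example that is not part of any post. The function names are hypothetical, and the script assumes chroot: is set explicitly in the file, since an absent line means the build's compiled-in default, which the script cannot see.

```shell
#!/bin/sh
# Added example, not from the thread: report where unbound's log output goes.

# conf_value KEY FILE: last value of "KEY:" in FILE, comments and quotes stripped.
conf_value() {
    awk -v key="$1:" '
        { sub(/#.*/, "") }
        $1 == key { v = $2 }
        END { gsub(/"/, "", v); print v }
    ' "$2"
}

# host_path CHROOT PATH: host location of an absolute PATH from the config.
host_path() {
    case "$2" in
        "$1"/*) printf '%s\n' "$2" ;;    # given from the original root: used as is
        *)      printf '%s\n' "$1$2" ;;  # otherwise taken relative to the new root
    esac
}

# effective_logfile FILE: prints "syslog", "none", or the host path of the log.
effective_logfile() {
    if [ "$(conf_value use-syslog "$1")" = yes ]; then
        echo syslog    # output goes to syslogd, not logfile: (line order not modelled)
        return 0
    fi
    logfile=$(conf_value logfile "$1")
    if [ -z "$logfile" ]; then
        echo none
        return 0
    fi
    chroot=$(conf_value chroot "$1")
    case "$logfile" in
        /*) ;;
        *)  logfile="$(conf_value directory "$1")/$logfile" ;;  # relative to directory:
    esac
    host_path "${chroot%/}" "$logfile"
}

# Constructed sample: the settings from the first post of the thread.
sample=$(mktemp)
printf '%s\n' 'server:' '    directory: /var/unbound' '    chroot: /var/unbound' \
    '    logfile: /var/log/unbound.log' '    log-queries: yes' > "$sample"
effective_logfile "$sample"
rm -f "$sample"
```

The printed path is the file that has to exist and be writable by the unbound user; check it with ls -l.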
 