bind logging

Good afternoon, please advise: I cannot configure logging. The config contains:
Code:
logging {
    channel log_file { file "/var/log/named.log" size 10M;
    severity  debug 3 ; };
    category queries { log_file; };
    category xfer-in { log_file; };
    category xfer-out { log_file; };
    category default { log_file; };
};

But there are still no logs. What have I done wrong?
PS: sorry for my English )
 
Make sure the named user is able to write to that log file.
 
SirDice said:
Make sure the named user is able to write to that log file.

The file was absent; I have created it and set the permissions:
shape# ls -l named.log
-rw-r--r-- 1 bind bind 0 May 27 15:06 named.log
 
No need to create a log file by hand. Just delete that file.
Replace:
Code:
channel log_file { file "/var/log/named.log" size 10M;
With
Code:
channel log_file { file "/var/log/named.log" versions 3 size 10M;
 
User bind has no permission to create a file in /var/log, so it should be created and set to bind:bind, or /var/log/ should be chgrp'ed (which you generally don't want). Another option is to simply have BIND log to syslog (local.*) and have syslogd and newsyslog deal with creating/rotating logfiles.
 
Actually, if you chroot bind9, the FreeBSD rc script will create the /var/log directory with bind:bind permission.
Code:
cat /etc/mtree/BIND.chroot.dist
grep -A 6 chroot_autoupdate /etc/rc.d/named

OP: you must run chrooted bind, there is no need to run it on live fs and get rooted, see security thread for more info about chrooting - http://forums.freebsd.org/showthread.php?t=4108
 
Sorry for the trouble, I have tracked down the file in the directory /var/named/log/named.log
But all the same, many thanks to everyone for the information.
I need to be more attentive))
 
Surely, that would be /var/named/var/log/named.log?

(not calling you Shirley).
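
Added example, not part of any post in this thread: a small shell helper that reads the `logging { }` block of a named.conf and prints where each file channel actually lands on disk when named runs chrooted, then shows the owner and mode of that file or its directory. The function names `log_paths` and `show_log_targets` are hypothetical, the chroot directory is passed in by the caller, the sample config is constructed, and the parser assumes `logging {` opens on one line.

```shell
#!/bin/sh
# Added example, not from the thread. log_paths and show_log_targets are
# hypothetical helper names.

# log_paths CONF [CHROOT]: print the path of every file channel inside the
# logging { } block of CONF, prefixed with CHROOT when the path is absolute.
log_paths() {
    root=${2:-}
    awk -v root="${root%/}" '
        /^[ \t]*logging[ \t]*[{]/ { inlog = 1; depth = 0 }
        inlog {
            rest = $0
            while (match(rest, /file[ \t]+"[^"]+"/)) {
                p = substr(rest, RSTART, RLENGTH)
                sub(/^file[ \t]+"/, "", p); sub(/"$/, "", p)
                if (p ~ /^\//) p = root p
                print p
                rest = substr(rest, RSTART + RLENGTH)
            }
            line = $0   # count braces to find the end of the block
            depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line)
            if (depth <= 0) inlog = 0
        }
    ' "$1"
}

# For each resolved path, list the log file if it exists, otherwise the
# directory named would have to create it in (its owner and mode matter).
show_log_targets() {
    log_paths "$@" | while IFS= read -r p; do
        if [ -e "$p" ]; then ls -ld "$p"
        elif [ -d "$(dirname "$p")" ]; then ls -ld "$(dirname "$p")"
        else echo "missing directory: $(dirname "$p")"
        fi
    done
}

# Constructed sample config, modelled on the one posted in the thread.
conf=$(mktemp)
cat > "$conf" <<'EOF'
zone "example.org" { type master; file "master/example.org.db"; };
logging {
    channel log_file { file "/var/log/named.log" versions 3 size 10M;
    severity debug 3; };
    category default { log_file; };
};
EOF
show_log_targets "$conf" /var/named
rm -f "$conf"
```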
 