[lug] logging with bind 8
charles at lunarmedia.net
Sat Dec 29 12:01:54 MST 2001
I am indeed running bind as "named", however even when i touch the files,
and give them a 666 chmod, nothing seems to be logged to the alternate
files...
-charles
On Sat, 29 Dec 2001, Brad Doctor wrote:
> If you are running named *as* named, there may be some issue with file
> ownership. I make all of my named-related files owned by named, or
> whatever the user is. /var/adm/messages is being written indirectly via
> syslog whereas the specific files mentioned below will be written
> directly. I think it wants to "own" the files.
>
> With my setup, I have thus:
>
> 11 @fw:/var/log/named > ls -al
> total 3995
> drwxr-xr-x 2 root wheel 512 Mar 28 2001 ./
> drwxr-xr-x 4 root wheel 1536 Dec 28 12:00 ../
> -rw-r--r-- 1 named named 4076309 Dec 28 23:37 named.debug
>
> The world and group bits can be set to read-only if you like, since named
> owns it. Other than that, I have no special considerations for the log
> files. The files within /var/named are also owned by user named. Notice
> that the directories are owned by root, with my process running as
> named. This prevents the process from creating new files, but allows it to
> access existing files that it owns. A bit more security in that. Also a
> bit more responsibility on your side. If you specify a file below, make
> sure that it exists and is owned by named, or whatever user you are running
> as, which is hopefully not root :)
>
> -brad
>
> At 09:03 AM 12/29/2001 -0600, charles at lunarmedia.net wrote:
>
> >thanks for the help, however i'm still not seeing anything logging to
> >alternative files other than /var/log/messages. even with lame-servers
> >specifically addressed as you have below, lame-server errors are still
> >showing up in regular syslog output.
> >does named need to be started in a certain manner in order to be able to
> >allow this type of logging? i even touched all of the related log files
> >and gave them 666 perms to see if it was an error in the daemon being able
> >to write, but to no avail.
> >
> >-c
> >
> >
> >
> >On Fri, 28 Dec 2001 bdoctor at ps-ax.com wrote:
> >
> > > This is what I use, should do what you wish:
> > >
> > > logging {
> > >     channel default_log {
> > >         file "/dev/null";
> > >         severity info;
> > >     };
> > >     channel severe_log {
> > >         file "/var/log/named/named.severe";
> > >         severity critical;
> > >     };
> > >     channel error_log {
> > >         file "/var/log/named/named.error";
> > >         severity error;
> > >     };
> > >     channel debug_log {
> > >         file "/var/log/named/named.debug";
> > >         severity debug;
> > >     };
> > >     category default { debug_log; };
> > >     category config { debug_log; };
> > >     category parser { debug_log; };
> > >     category panic { debug_log; };
> > >     category cname { null; };
> > >     category lame-servers { null; };
> > > };
> > >
> > >
> > > > i'd like to have bind log to its own file within /var/log rather than to
> > > > syslog. i have configured:
> > > >
> > > > > // logging
> > > > > logging {
> > > > >
> > > > >     // shunt logging to a local file
> > > > >     channel log_to_file {
> > > > >         file "/var/log/named/dnslog";
> > > > >         severity info;
> > > > >     };
> > > > >
> > > > >     // specify where categories should log
> > > > >     category default { log_to_file; };
> > > > >
> > > > > };
> > > >
> > > > > however, upon restarting bind, it's still logging everything to
> > > > > /var/log/messages, which is precisely what i had hoped to avoid. i'm
> > > > > reading through dns&bind pp147-151. anyone see incorrect syntax right off
> > > > > that sticks out?
> > > >
> > > > thanks -c
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > Web Page: http://lug.boulder.co.us
> > > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > > >
> > >
> > >
> > >
> >
>
> Brad Doctor, CISSP
>
>
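The layout Brad describes in the quoted reply (each channel file created ahead of time and owned by the user named runs as, inside a directory that user does not own) can be checked with a short script. This is an added example, not part of the thread; the function names, the output format, the numeric-uid argument and the paths in the usage comment are assumptions of the example.

```shell
#!/bin/sh
# Added example: audit the log files named in a BIND "logging" statement.
# Usage (path and account name are assumptions, substitute your own):
#   check_named_logs /etc/named.conf "$(id -u named)"

# Numeric owner uid of a file or directory, taken from "ls -ldn" column 3.
owner_uid() {
    ls -ldn "$1" | awk '{print $3}'
}

# Print one line per channel file: "<path>: file=<state> dir=<state>".
#   file=ok | missing | wrong-owner
#   dir=daemon-owned      the daemon uid owns the directory
#   dir=not-daemon-owned  the layout described in the thread
# Returns 1 if any file is missing or not owned by the daemon uid.
# Paths containing whitespace are not handled.
check_named_logs() {
    conf=$1 uid=$2 rc=0
    paths=$(sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$conf")
    for f in $paths; do
        [ "$f" = /dev/null ] && continue
        if [ ! -e "$f" ]; then
            fstate=missing; rc=1
        elif [ "$(owner_uid "$f")" != "$uid" ]; then
            fstate=wrong-owner; rc=1
        else
            fstate=ok
        fi
        d=$(dirname "$f")
        if [ -d "$d" ] && [ "$(owner_uid "$d")" = "$uid" ]; then
            dstate=daemon-owned
        else
            dstate=not-daemon-owned
        fi
        echo "$f: file=$fstate dir=$dstate"
    done
    return $rc
}
```

A `missing` or `wrong-owner` line marks a file that, under that layout, has to be created and chowned by root before named is restarted.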