The path of your audit_log channel does not look correct. Is this running inside a chroot jail? If so, what is the path of the chroot jail? Let's call that path $CHROOT. Check that there is a directory here:

$CHROOT/chroot/named/logs/

Chris Buxton
Professional Services
Men & Mice

On Aug 12, 2008, at 11:57 AM, Mark A. Moore wrote:

> We need help trying to troubleshoot our issue. We are running RHEL
> 5.2 and installed the latest version of BIND by following the steps
> provided by Steve's article in a chroot jail
> (http://www.unixwiz.net/techtips/bind9-chroot.html). I've added a few
> additional options recommended by Rob
> (http://www.cymru.com/Documents/secure-bind-template.html).
> We are getting an error when BIND starts up regarding our log
> file. Bind still starts up, but since this error in the messages
> log, we are not getting any named syslog messages.
>
> The message is:
> named[25935]: logging channel 'audit_log' file '/var/log/named.log':
> file not found
>
> The permission for named.log is as follows -rw-r--r-- root named.
>
> Here is a partial output of named.conf file:
>
> logging {
>     channel default_syslog {
>         // Send most of the named messages to syslog.
>         syslog local2;
>         severity debug;
>     };
>
>     channel audit_log {
>         // Send the security related messages to a separate file.
>         file "/chroot/named/logs/named.log";
>         severity debug;
>         print-time yes;
>     };
>
>     category default { default_syslog; };
>     category general { default_syslog; };
>     category security { audit_log; default_syslog; };
>     category config { default_syslog; };
>     category resolver { audit_log; };
>     category xfer-in { audit_log; };
>     category xfer-out { audit_log; };
>     category notify { audit_log; };
>     category client { audit_log; };
>     category network { audit_log; };
>     category update { audit_log; };
>     category queries { audit_log; };
>     category lame-servers { audit_log; };
> };
>
> // Set options for security
> options {
>     directory "/conf";
>     pid-file "/var/run/named.pid";
>     statistics-file "/var/run/named.stats";
>     memstatistics-file "/var/run/named.memstats";
>     dump-file "/var/run/named.dump";
>
>
>
> Thanks in advance for any help given.
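
Added example, not part of the original thread: a shell check for the reply's point that a channel path such as `file "/chroot/named/logs/named.log"` is looked up beneath the jail, at `$CHROOT/chroot/named/logs/`. The function names and the script's arguments are illustrative assumptions, and paths containing spaces are not handled.

```shell
#!/bin/sh
# Added example. Assumes named was started with -t <chroot>, so every absolute
# path in named.conf is looked up beneath that directory on the host.

# channel_files CONF: print each `file "..."` path found in the logging block.
channel_files() {
    awk '
        /^[ \t]*logging[ \t]*[{]/ { in_log = 1; depth = 0 }
        in_log {
            line = $0
            sub(/\/\/.*/, "", line)                 # drop // comments
            if (match(line, /file[ \t]+"[^"]+"/)) {
                path = substr(line, RSTART, RLENGTH)
                sub(/^file[ \t]+"/, "", path); sub(/"$/, "", path)
                print path
            }
            # track brace depth so zone "file" statements are not picked up
            depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line)
            if (depth <= 0) in_log = 0
        }
    ' "$1"
}

# check_chroot_logs CHROOT CONF: print "ok <host path>" or "missing-dir <host path>"
# for each channel file; return 1 if any parent directory is absent in the jail.
check_chroot_logs() {
    chroot_dir=${1%/}; conf=$2; rc=0
    for f in $(channel_files "$conf"); do
        case $f in
            /*) ;;                                  # absolute: resolved under the jail
            *)  echo "relative $f"; continue ;;     # depends on options { directory }
        esac
        real="$chroot_dir$f"
        if [ -d "$(dirname "$real")" ]; then
            echo "ok $real"
        else
            echo "missing-dir $real"; rc=1
        fi
    done
    return $rc
}

# Stand-alone use: sh check.sh /path/to/chroot /path/to/named.conf
if [ "$#" -eq 2 ]; then check_chroot_logs "$1" "$2"; fi
```

A `missing-dir` line means either the directory has to be created inside the jail or the `file` path in the channel should be written relative to the jail root.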