FreeBSD 7.0-RELEASE-p12 bind9 log files not found
Hello,

I have set up FreeBSD recently. Can somebody help me with one interesting thing: a Bind9 slave DNS server. Everything works great, but I got a problem with extended logging of xfer, etc.

Bind9 started in chroot:

    root 788 0.0 0.1 3156 1004 ?? Ss Fri01AM 0:02.10 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -s
    bind 30792 0.0 1.2 16212 12864 ?? Is 4:10PM 0:00.23 /usr/sbin/named -t /var/named -u bind

Configuration of logging channels from named.conf:

    logging {
        channel xfer {
            file "/var/named/var/log/xfer.log" versions 3 size 10m;
            print-time yes;
            print-severity yes;
            severity info;
        };
        channel lame {
            file "/var/named/var/log/lame.log" versions 2 size 10m;
            print-time yes;
            print-severity yes;
            severity info;
        };
        channel config {
            file "/var/named/var/log/conf.log" versions 3 size 10m;
            print-time yes;
            print-severity yes;
            severity info;
        };
        channel security {
            file "/var/named/var/log/security.log" versions 3 size 10m;
            print-time yes;
            print-severity yes;
            severity info;
        };
        category xfer-in { xfer; };
        category xfer-out { xfer; };
        category notify { xfer; };
        category lame-servers { lame; };
        category config { config; };
        category security { security; };
        category default { default_syslog; default_debug; };
    };

Next, I've created files in /var/named/var/log and chown'ed them to bind:wheel (cause of -u bind is defined above):

    [po...@mgork23-gw /var/named/var/log]$ ls -la
    total 4
    drwxr-xr-x 2 bind wheel 512 May 30 16:09 .
    drwxr-xr-x 6 root wheel 512 May 21 19:16 ..
    -rw-r--r-- 1 bind wheel 0 May 30 14:54 conf.log
    -rw-r--r-- 1 bind wheel 0 May 30 14:55 lame.log
    -rw-r--r-- 1 bind wheel 0 May 30 14:55 security.log
    -rw-r--r-- 1 bind wheel 0 May 30 14:54 xfer.log

But I get the following messages in /var/log/messages:

    May 30 16:27:42 srv named[31139]: starting BIND 9.4.2 -t /var/named -u bind
    May 30 16:27:42 srv named[31139]: command channel listening on 127.0.0.1#953
    May 30 16:27:42 srv named[31139]: command channel listening on ::1#953
    May 30 16:27:42 srv named[31139]: logging channel 'xfer' file '/var/named/var/log/xfer.log': file not found
    May 30 16:27:42 srv named[31139]: logging channel 'lame' file '/var/named/var/log/lame.log': file not found
    May 30 16:27:42 srv named[31139]: logging channel 'config' file '/var/named/var/log/conf.log': file not found
    May 30 16:27:42 srv named[31139]: logging channel 'security' file '/var/named/log/security.log': file not found
    May 30 16:27:42 srv named[31139]: running
    May 30 16:27:42 srv named[31139]: isc_log_open '/var/named/var/log/xfer.log' failed: file not found

Changing permissions and putting log files in different places (with changing paths in named.conf of course) has no effect. I see that the problem is pretty silly, but searching info about this doesn't say something special - I still get file not found in /var/messages.

Maybe I don't understand where files must be placed, so, thanks in advance for everybody who can explain how it works :)

VP
v.prokof...@gmail.com

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found
On Saturday 30 May 2009 14:50:31 Prokofyev Vladislav wrote:

> Bind9 started in chroot:
>
>     root 788 0.0 0.1 3156 1004 ?? Ss Fri01AM 0:02.10 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -s
>     bind 30792 0.0 1.2 16212 12864 ?? Is 4:10PM 0:00.23 /usr/sbin/named -t /var/named -u bind
>
> Configuration of logging channels from named.conf:
>
>     logging {
>         channel xfer {
>             file "/var/named/var/log/xfer.log" versions 3 size 10m;

The named running chrooted has no clue about /var/named. You can either use ducttape:

    cd /var/named/var
    sudo ln -s .. named

or just strip /var/named from your config file, hence use /var/log/xfer.log.

--
Mel

Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found
Prokofyev Vladislav wrote:

> Hello,
>
> I have set up FreeBSD recently. Can somebody help me with one interesting thing: a Bind9 slave DNS server. Everything works great, but I got a problem with extended logging of xfer, etc.
>
> Bind9 started in chroot:
>
>     root 788 0.0 0.1 3156 1004 ?? Ss Fri01AM 0:02.10 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -s
>     bind 30792 0.0 1.2 16212 12864 ?? Is 4:10PM 0:00.23 /usr/sbin/named -t /var/named -u bind
>
> [snip]
>
> Changing permissions and putting log files in different places (with changing paths in named.conf of course) has no effect. I see that the problem is pretty silly, but searching info about this doesn't say something special - I still get file not found in /var/messages.
>
> Maybe I don't understand where files must be placed, so, thanks in advance for everybody who can explain how it works :)

Don't know if this will help, but took a quick look at my box here at home and have the following in my rc.conf - but I don't have logging turned on with this machine. Note the last line. So the logs should be in /var/named/var/log

    named_enable=YES
    named_program=/usr/sbin/named
    named_chrootdir=/var/named

-Mike

Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found
>     named_enable=YES
>     named_program=/usr/sbin/named
>     named_chrootdir=/var/named
>
> -Mike

After adding these options on my system, named didn't start at boot. A manual attempt to start it via '/etc/rc.d/named start' led to the following error:

    /etc/rc.d/named: WARNING: run_rc_command: cannot run /usr/sbin/named

Anyway, thank you for the time you've spent to write an answer. Hope this thread will help somebody who is stuck with the same problem.

Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found
On Saturday 30 May 2009 17:01:17 Prokofyev Vladislav wrote:

>> The named running chrooted has no clue about /var/named. You can either use ducttape:
>>
>>     cd /var/named/var
>>     sudo ln -s .. named
>>
>> or just strip /var/named from your config file, hence use /var/log/xfer.log.
>>
>> --
>> Mel
>
> This helped, thank you a lot. So, if I think in a right way, /usr/sbin/named with the -t start option doesn't affect any symlinks etc.

Erm, yes or ... no. I suggest you read up on chroot. The short answer is that relative symlinks within the chroot environment work while absolute ones should take into account the new filesystem root.

> I didn't pay attention to this cause named(8) says:
>
>     -t directory
>         Chroot to directory after processing the command line arguments, but before reading the configuration file.

and have a look at what /etc/namedb really is:

    # ls -l /etc/namedb
    lrwxr-xr-x 1 root wheel 21 May 21 06:24 /etc/namedb -> /var/named/etc/namedb

And this demonstrates chroot a bit:

    # cp /rescue/ls /var/named/
    # chroot /var/named /ls -l /etc/namedb
    total 1
    drwxr-xr-x 2 53 0 512 Feb 28 05:57 dynamic
    drwxr-xr-x 2 0 0 512 May 15 13:42 master
    -rw-r--r-- 1 0 0 11714 May 15 14:40 named.conf
    -rw-r--r-- 1 0 0 2956 May 15 13:42 named.root
    -rw------- 1 53 0 97 Apr 18 10:29 rndc.key
    drwxr-xr-x 2 53 0 512 May 30 11:21 slave

>         Warning: This option should be used in conjunction with the -u option, as chrooting a process running as root doesn't enhance security on most systems; the way chroot(2) is defined allows a process with root privileges to escape a chroot jail.
>
> And I thought that all actions for proper work are made by named :)

They are, you just need to reference the right path, the one without /var/named, or use relative paths where the working directory is /etc/namedb. So one would get to /var/log using:

    file "../../var/log/xfer";

--
Mel
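
The path mapping discussed in this thread, as an added example that is not part of the original messages: a host-side shell check that lists each logging file path in a named.conf and the location a named started with -t will actually open. The function names, status words and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): where will a chrooted named look for
# each logging "file" path? Host-side check; paths with spaces unsupported.

# Print the path of every "file ...;" statement, quoted or not.
channel_files() {
    tr '{;' '\n\n' < "$1" |
        sed -n 's/^[[:space:]]*file[[:space:]][[:space:]]*"\{0,1\}\([^"[:space:]]*\).*/\1/p'
}

# Usage: check_chroot_logs CHROOT_DIR NAMED_CONF
# Prints "STATUS config-path host-path" per file; returns 1 on any problem.
#   ok             log directory exists at the post-chroot location
#   double-prefix  path repeats CHROOT_DIR (the mistake in this thread)
#   missing-dir    log directory does not exist inside the chroot
#   relative       depends on named's working directory, not checked here
check_chroot_logs() {
    root=${1%/}; conf=$2; rc=0
    for p in $(channel_files "$conf"); do
        case $p in
            /*) host="$root$p" ;;
            *)  echo "relative $p -"; continue ;;
        esac
        if [ -d "$(dirname "$host")" ]; then
            st=ok                  # also the case once the symlink workaround exists
        else
            rc=1
            case $p in
                "$root"/*) st=double-prefix ;;   # named's / is $root: drop the prefix
                *)         st=missing-dir ;;
            esac
        fi
        echo "$st $p $host"
    done
    return $rc
}

# Constructed sample: a throwaway chroot tree and config, not the poster's system.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/var/log"
    printf 'logging {\n  channel xfer { file "%s/var/log/xfer.log" versions 3; };\n  channel lame { file "/var/log/lame.log" versions 2; };\n};\n' "$t" > "$t/named.conf"
    check_chroot_logs "$t" "$t/named.conf"
    rm -rf "$t"
}
```

Calling `demo` prints one double-prefix line and one ok line; on a real system the arguments would be the -t directory and the host path of named.conf.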