vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Sun Jan 25, 2009 2:07 am Post subject: Bind Logging (solved) |
|
|
I'm trying to get BIND to do some better logging rather than just the standard named starting stopping etc. It is chroot'ed, but I don't think that makes a difference in this case.
Those are the error messages:
Quote: |
Jan 25 02:02:59 Zeus named[31494]: logging channel 'client_file' file '/var/log/bind/client.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'unmatched_file' file '/var/log/bind/unmatched.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'queries_file' file '/var/log/bind/queries.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'network_file' file '/var/log/bind/network.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'update_file' file '/var/log/bind/update.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'dispatch_file' file '/var/log/bind/dispatch.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'dnssec_file' file '/var/log/bind/dnssec.log': file not found
Jan 25 02:02:59 Zeus named[31494]: logging channel 'lame-servers_file' file '/var/log/bind/lame-servers.log': file not found
Jan 25 02:02:59 Zeus named[31494]: isc_log_open '/var/log/bind/general.log' failed: file not found
Jan 25 02:03:03 Zeus named[31494]: isc_log_open '/var/log/bind/queries.log' failed: file not found
|
ls -la
Quote: |
Zeus bind # ls -la
total 8
drwxr-xr-x 2 root root 4096 Jan 25 02:02 .
drwxr-xr-x 6 root root 4096 Jan 25 02:01 ..
-rw-r--r-- 1 root root 0 Jan 25 02:01 client.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 dispatch.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 dnssec.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 general.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 lame-servers.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 network.log
-rw-r--r-- 1 root root 0 Jan 25 02:01 notify.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 queries.log
-rw-r--r-- 1 root root 0 Jan 25 02:01 unmatched.log
-rw-r--r-- 1 root root 0 Jan 25 02:02 update.log
|
named.conf
Quote: |
logging {
channel default_file { file "/var/log/bind/default.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel general_file { file "/var/log/bind/general.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel database_file { file "/var/log/bind/database.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel security_file { file "/var/log/bind/security.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel config_file { file "/var/log/bind/config.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel resolver_file { file "/var/log/bind/resolver.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel xfer-in_file { file "/var/log/bind/xfer-in.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel xfer-out_file { file "/var/log/bind/xfer-out.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel notify_file { file "/var/log/bind/notify.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel client_file { file "/var/log/bind/client.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel unmatched_file { file "/var/log/bind/unmatched.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel queries_file { file "/var/log/bind/queries.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel network_file { file "/var/log/bind/network.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel update_file { file "/var/log/bind/update.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel dispatch_file { file "/var/log/bind/dispatch.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel dnssec_file { file "/var/log/bind/dnssec.log" versions 3 size 5m; severity dynamic; print-time yes; };
channel lame-servers_file { file "/var/log/bind/lame-servers.log" versions 3 size 5m; severity dynamic; print-time yes; };
category default { default_file; };
category general { general_file; };
category database { database_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category network { network_file; };
category update { update_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };
};
|
_________________ Linux Registered User #458185
Intel Quad-Core w/ 4gigs Ram w/ 8800 GTX - Windows 7 RC
2x (Intel Dual-Core w/ 2gigs Ram - Gentoo)
Mac G5 Dual-Core w/ 2gigs Ram - OS 10.5
Last edited by vaguy02 on Mon Jan 26, 2009 12:22 am; edited 1 time in total |
bunder Bodhisattva

Joined: 10 Apr 2004 Posts: 5947
|
Posted: Sun Jan 25, 2009 2:09 am Post subject: |
|
|
change ownership of the files and the folder to "named" or the user it runs as.
hope that helps  _________________
Neddyseagoon wrote: | The problem with leaving is that you can only do it once and it reduces your influence. |
banned from #gentoo since sept 2017 |
vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Sun Jan 25, 2009 2:43 am Post subject: |
|
|
logging files
Quote: |
Zeus bind # ls -la
total 8
drwxr-xr-x 2 root root 4096 Jan 25 02:02 .
drwxr-xr-x 6 root root 4096 Jan 25 02:40 ..
-rw-r--r-- 1 named named 0 Jan 25 02:01 client.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 dispatch.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 dnssec.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 general.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 lame-servers.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 network.log
-rw-r--r-- 1 named named 0 Jan 25 02:01 notify.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 queries.log
-rw-r--r-- 1 named named 0 Jan 25 02:01 unmatched.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 update.log
|
messages
Quote: |
Zeus log # tail named.log
Jan 25 02:41:39 Zeus named[32024]: logging channel 'notify_file' file '/var/log/bind/notify.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'client_file' file '/var/log/bind/client.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'unmatched_file' file '/var/log/bind/unmatched.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'queries_file' file '/var/log/bind/queries.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'network_file' file '/var/log/bind/network.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'update_file' file '/var/log/bind/update.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'dispatch_file' file '/var/log/bind/dispatch.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'dnssec_file' file '/var/log/bind/dnssec.log': file not found
Jan 25 02:41:39 Zeus named[32024]: logging channel 'lame-servers_file' file '/var/log/bind/lame-servers.log': file not found
Jan 25 02:41:39 Zeus named[32024]: isc_log_open '/var/log/bind/general.log' failed: file not found
|
No change, Sorry. Any other ideas? I really thought that one was going to work.
doctork Guru

Joined: 25 Apr 2004 Posts: 370 Location: Cleveland, OH
|
Posted: Sun Jan 25, 2009 3:18 am Post subject: |
|
|
I expect your problem is the chroot. Try running it without the chroot, or create the [chroot_path]/var/log directory.
doc |
bunder Bodhisattva

Joined: 10 Apr 2004 Posts: 5947
|
Posted: Sun Jan 25, 2009 3:41 am Post subject: |
|
|
Quote: | drwxr-xr-x 2 root root 4096 Jan 25 02:02 . |
that one too.
vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Sun Jan 25, 2009 1:46 pm Post subject: |
|
|
Still No go. Sorry, Anything else?
Quote: |
Zeus bind # ls -la
total 8
drwxr-xr-x 2 named named 4096 Jan 25 02:02 .
drwxr-xr-x 6 root root 4096 Jan 25 02:40 ..
-rw-r--r-- 1 named named 0 Jan 25 02:01 client.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 dispatch.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 dnssec.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 general.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 lame-servers.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 network.log
-rw-r--r-- 1 named named 0 Jan 25 02:01 notify.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 queries.log
-rw-r--r-- 1 named named 0 Jan 25 02:01 unmatched.log
-rw-r--r-- 1 named named 0 Jan 25 02:02 update.log
|
Quote: | Zeus bind # tail /var/log/named.log
Jan 25 13:44:46 Zeus named[3330]: logging channel 'client_file' file '/var/log/bind/client.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'unmatched_file' file '/var/log/bind/unmatched.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'queries_file' file '/var/log/bind/queries.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'network_file' file '/var/log/bind/network.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'update_file' file '/var/log/bind/update.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'dispatch_file' file '/var/log/bind/dispatch.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'dnssec_file' file '/var/log/bind/dnssec.log': file not found
Jan 25 13:44:46 Zeus named[3330]: logging channel 'lame-servers_file' file '/var/log/bind/lame-servers.log': file not found
Jan 25 13:44:46 Zeus named[3330]: isc_log_open '/var/log/bind/general.log' failed: file not found
Jan 25 13:44:53 Zeus named[3330]: isc_log_open '/var/log/bind/queries.log' failed: file not found
Zeus bind # date
Sun Jan 25 13:45:11 Local time zone must be set--see zic manual page 2009
|
doctork Guru

Joined: 25 Apr 2004 Posts: 370 Location: Cleveland, OH
|
Posted: Sun Jan 25, 2009 3:01 pm Post subject: |
|
|
You say you're running chroot.
What's the value of CHROOT in /etc/conf.d/named?
If you used the instructions in that file for doing chroot, then what's the result of
doc |
vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Sun Jan 25, 2009 3:05 pm Post subject: |
|
|
Quote: | What's the value of CHROOT in /etc/conf.d/named? |
Code: |
# Set various named options here.
#
OPTIONS=""
# Set this to the number of processors you have.
#
CPU="1"
# If you wish to run bind in a chroot, run:
# emerge --config =<bind-version>
# and un-comment the following line.
# You can specify a different chroot directory but MAKE SURE it's empty.
CHROOT="/chroot/dns"
# Default pid file location
PIDFILE="${CHROOT}/var/run/named/named.pid"
# Scheduling priority: 19 is the lowest and -20 is the highest.
#
NAMED_NICELEVEL="0"
|
Quote: |
Code:
ls -lR /chroot/dns
|
Code: |
Zeus conf.d # ls -lR /chroot/dns
/chroot/dns:
total 12
drwxr-xr-x 2 root root 4096 Jan 25 02:41 dev
drwxr-xr-x 3 root root 4096 Dec 11 13:07 etc
drwxr-xr-x 4 named named 4096 Dec 11 13:07 var
/chroot/dns/dev:
total 0
srw-rw-rw- 1 root root 0 Jan 25 02:41 log
crw-rw-rw- 1 root root 1, 8 Dec 11 13:07 random
crw-rw-rw- 1 root root 1, 5 Dec 11 13:07 zero
/chroot/dns/etc:
total 8
drwxr-xr-x 2 root root 4096 Jan 25 02:03 bind
-rw-r--r-- 1 root root 255 Dec 11 13:07 localtime
/chroot/dns/etc/bind:
total 12
-rw-r--r-- 1 root root 4962 Jan 25 02:01 named.conf
lrwxrwxrwx 1 root root 18 Dec 11 13:07 pri -> ../../var/bind/pri
-rw------- 1 named named 77 Dec 11 13:07 rndc.key
lrwxrwxrwx 1 root root 18 Dec 11 13:07 sec -> ../../var/bind/sec
/chroot/dns/var:
total 8
drwxr-xr-x 4 named named 4096 Dec 11 13:07 bind
drwxr-xr-x 3 named named 4096 Dec 11 13:07 run
/chroot/dns/var/bind:
total 12
-rw-r--r-- 1 named named 2878 Dec 11 13:07 named.ca
drwxr-xr-x 2 named named 4096 Dec 30 15:14 pri
lrwxrwxrwx 1 named named 23 Dec 11 13:07 root.cache -> ../../var/bind/named.ca
drwxr-xr-x 2 named named 4096 Dec 11 13:07 sec
/chroot/dns/var/bind/pri:
total 12
-rw-r--r-- 1 named named 227 Dec 11 13:07 127.zone
-rw-r--r-- 1 named named 423 Dec 11 13:07 localhost.zone
-rw-r--r-- 1 named named 423 Dec 30 15:14 poison.zone
/chroot/dns/var/bind/sec:
total 0
/chroot/dns/var/run:
total 4
drwxr-xr-x 2 named named 4096 Jan 25 13:44 named
/chroot/dns/var/run/named:
total 4
-rw-r--r-- 1 named named 5 Jan 25 13:44 named.pid
|
doctork Guru

Joined: 25 Apr 2004 Posts: 370 Location: Cleveland, OH
|
Posted: Sun Jan 25, 2009 3:13 pm Post subject: |
|
|
So it looks like you need to create /chroot/dns/var/log/bind, no?
doc |
vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Sun Jan 25, 2009 3:18 pm Post subject: |
|
|
How's this:
Quote: |
/chroot/dns/var/log:
total 0
lrwxrwxrwx 1 root root 13 Jan 25 15:22 bind -> /var/log/bind
|
Do I reference /chroot/dns/var/log in my named.conf file in the chroot dir?
doctork Guru

Joined: 25 Apr 2004 Posts: 370 Location: Cleveland, OH
|
Posted: Sun Jan 25, 2009 3:36 pm Post subject: |
|
|
I've never run named/chroot on Gentoo, but did so on RedHat in a previous incarnation. Further, I've always used syslog logging for named and sorted things out with syslog-ng. This should work if you actually create the directory /chroot/dns/var/log/bind. That needs to belong to named:named, like the rest of the stuff in /chroot/dns. Then, if for convenience sake you want to do a symbolic link from that directory to /var/log/bind, you can do so.
doc |
doctork Guru

Joined: 25 Apr 2004 Posts: 370 Location: Cleveland, OH
|
Posted: Sun Jan 25, 2009 3:41 pm Post subject: |
|
|
Quote: | Do I reference /chroot/dns/var/log in my named.conf file in the chroot dir? |
Oops, didn't answer the question. No, you don't reference /chroot/dns in your named.conf file -- you leave the definitions in your named.conf as you originally defined them.
doc |
scherz0 Apprentice

Joined: 02 Oct 2008 Posts: 154
|
Posted: Sun Jan 25, 2009 3:49 pm Post subject: |
|
|
vaguy02 wrote: | How's this:
Quote: |
/chroot/dns/var/log:
total 0
lrwxrwxrwx 1 root root 13 Jan 25 15:22 bind -> /var/log/bind
|
|
For a process with root in /chroot/dns/, this symlink is pointing to itself!
Quote: |
Do I reference /chroot/dns/var/log in my named.conf file in the chroot dir? |
No, leave it as /var/log/. For a process rooted at /chroot/dns/, /chroot/dns/var/log/ does not exist.
As previously written, just create /chroot/dns/var/log/bind/ with the right permissions, and it should be ok. |
|
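Added example (not part of any post in this thread): a shell check for the two failure modes discussed above, a log directory that does not exist under the chroot and a symlink whose absolute target is resolved inside the chroot. The function names log_dirs, check_dir and audit_chroot_logs are made up for this example, and only one level of symlink is followed.

```sh
#!/bin/sh
# Added example, not from the thread. Function names are made up here.
# Usage: sh audit.sh CHROOT NAMED_CONF [RUN_AS_USER]

# Print each distinct directory named in a `file "..."` clause.
log_dirs() {
    sed -n 's/.*file[[:space:]]*"\([^"]*\)".*/\1/p' "$1" |
        while IFS= read -r f; do dirname "$f"; done | sort -u
}

# Classify a directory the way the chrooted process will see it.
# $1 = chroot dir, $2 = path as written in named.conf, $3 = owner (optional)
check_dir() {
    real="$1$2"
    if [ -L "$real" ]; then
        target=$(readlink "$real")
        case "$target" in
        /*) # Inside the chroot an absolute target is looked up under $1.
            if [ "$target" = "$2" ]; then echo "self-link"; return 0; fi
            real="$1$target" ;;   # only one level of link is followed
        esac
    fi
    if [ ! -d "$real" ]; then echo "missing"; return 0; fi
    if [ -n "${3:-}" ]; then
        owner=$(ls -ldL "$real" | awk '{print $3}')
        if [ "$owner" != "$3" ]; then echo "wrong-owner"; return 0; fi
    fi
    echo "ok"
}

# Report every log directory; return 1 if any is unusable.
audit_chroot_logs() {
    rc=0
    while IFS= read -r d; do
        [ -n "$d" ] || continue
        s=$(check_dir "$1" "$d" "${3:-}")
        echo "$d (host path $1$d): $s"
        [ "$s" = "ok" ] || rc=1
    done <<EOF
$(log_dirs "$2")
EOF
    return "$rc"
}

if [ "$#" -ge 2 ]; then audit_chroot_logs "$@"; fi
```

With the layout shown in this thread it would be called as audit_chroot_logs /chroot/dns /chroot/dns/etc/bind/named.conf named.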
vaguy02 Guru


Joined: 25 Feb 2005 Posts: 424 Location: Hopefully in one place
|
Posted: Mon Jan 26, 2009 12:22 am Post subject: |
|
|
Reloaded without the chroot, logging fine now. Thanks guys.