Keep "starting BIND 9.1.0" out of syslog?
Lou Goddard
lgoddard at camptv.com
Sat Dec 11 15:52:32 UTC 2004
Edit main.c.
"main.c: ISC_LOG_NOTICE, "starting BIND %s%s", =
ns_g_version,"
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
Behalf Of Barry Margolin
Sent: Friday, December 10, 2004 11:02 PM
To: comp-protocols-dns-bind at isc.org
Subject: Re: Keep "starting BIND 9.1.0" out of syslog?
In article <cpda2v$1vhi$1 at sf1.isc.org>, Pete Ehlke <pde at rfc822.net>=20
wrote:
> On Fri Dec 10, 2004 at 13:44:04 -0800, george_jenior at yahoo.com wrote:
> >We're running BIND 9.1.0. There is a requirement to not have the BIND
> >version logged to syslog. (But they still want other messages to go =
to
> >syslog.)
> >
> Assuming that this 'requirement' comes from your security group, their
> priorities are severely misplaced. You're running a significantly
> outdated version of BIND will well-known and serious bugs.=20
>=20
> Update to a current version, and trust the people who can read your
> system logs.=20
While that may be a good idea, do you really think it will solve the=20
logging problem?
I expect that the reason why this message isn't affected by the logging=20
configuration in named.conf is because it's logged as soon as named=20
starts up, *before* it starts reading the configuration file. So it=20
can't possibly be affected by that file.
--=20
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list