how to log to a remote logging server (syslog-ng) from a chroot'ed BIND9?

OpenMacNews bind-users.20.openmacnews at spamgourmet.com
Mon Jul 26 07:28:15 UTC 2004


hi all,

i've BIND9 installed in a chroot jail on MacOSX 10.3.4.

'til now, i've been logging to files in the (chroot)/var/log dir.

i've set up a central/remote logging server (syslog-ng), and would like to capture/send the chroot'ed BIND9's logs to the remote server ...

in considering this scenario, tho, i've managed to cget a bit condused .... so, a couple of questions:

   (1) the logging statement in named.conf clearly has the option to capture to a "syslog daemon" channel ...
but how do i capture to a NON-syslog (i.e., in this case, 'syslog-ng's daemon) daemon?

   (2) do i need to capture first to a local syslog-ng daemon instance, then send/x-fer to a remote, or can BIND9 be set up to speak 'directly' to the remote server?

   (3) am i completely defeating the security of the chroot jail by sending logs _outside_?

any pointers, suggestions, etc -- or better yet a relevant howto URL -- would be very much appreciated!

thx,

richard


More information about the bind-users mailing list