Logging while chrooted.

Brian Johnson bjohnson at johnson-engineering.ca
Wed Jul 13 18:40:50 UTC 2005


I paniced when I saw this come through.


Brian Johnson


Brian Johnson (bjohnson at drtel.com) wrote:
>
> So in the config I need to specify a file relative to the actual root of the
> machine or relative to the chroot folder?
>
> - Brian J
>
> > -----Original Message-----
> > From: aklist_bind at enigmedia.com [mailto:aklist_bind at enigmedia.com]
> > Sent: Wednesday, July 13, 2005 11:57 AM
> > To: bjohnson at drtel.com
> > Subject: Re: Logging while chrooted.
> >
> > put the log directory below the chroot directory
> >
> > ----- Original Message -----
> > From: "Brian Johnson" <bjohnson at drtel.com>
> > To: <bind-users at isc.org>
> > Sent: Wednesday, July 13, 2005 12:34 PM
> > Subject: Logging while chrooted.
> >
> >
> > >I am having a few issues attempting to log to a file while
> > chrooted. My
> > > understanding is that when chrooted, the named system only
> > sees items in
> > > the
> > > jail. When I set a logging directive and send things to a
> > file. I am
> > > getting
> > > the following errors.
> > >
> > > Jul 13 10:46:18 isp01 named[29712]: isc_log_open
> > '/var/log/named.log'
> > > failed: permission denied
> > >
> > > This folder exists within the jail and is owned by the user
> > named runs as.
> > >
> > > Here is my named.conf logging directive:
> > >
> > > logging {
> > >      channel "default_syslog" {
> > >            // Send most of the named messages to syslog.
> > >            syslog local2;
> > >      severity debug;
> > >      };
> > >      channel audit_log {
> > >            // Send the security related messages to a separate file.
> > >            file "/var/log/named.log";
> > >            severity debug;
> > >      print-time yes;
> > >      };
> > >      category default { default_syslog; };
> > >      category general { default_syslog; };
> > >      category security { audit_log; default_syslog; };
> > >      category config { default_syslog; };
> > >      category resolver { audit_log; };
> > >      category xfer-in { audit_log; };
> > >      category xfer-out { audit_log; };
> > >      category notify { audit_log; };
> > >      category client { audit_log; };
> > >      category network { audit_log; };
> > >      category update { audit_log; };
> > >      category queries { audit_log; };
> > >      category lame-servers { audit_log; };
> > > };
> > >
> > > Any help would be appreciated.
> > >
> > > TIA
> > >
> > > - Brian J.
> > >
> > >
> >
> >
>
>
>



More information about the bind-users mailing list