BIND 9.3.1 chroot and channel logging (Correct perms set!)
base60
nobody at whitehouse.com
Tue Sep 20 00:01:14 UTC 2005
bubba_ry at verizon.net wrote:
> I have an FC4 system running BIND 9.3.1 in a chroot'd environment
> (/var/named/chroot). Everything works great as long I don't try to
> split logging into different channels (i.e. default, update, transfer);
> it all gets logged to /var/log/messages. All well and good, but I want
> to be a little tidier...
Try removing the "/usr/logs/named" and see what happens... and go from
there.
>
> If I configure bind to use channels as such:
>
> logging {
> channel default_log {
> file "/usr/logs/named/default.log" versions 7 size 50M;
> severity info;
> print-category yes;
> print-severity yes;
> print-time yes;
> };
>
> category default { default_log; };
>
> };
>
> I get the following error in 'messages':
>
> Sep 19 15:47:27 dns3 named[1568]: isc_log_open
> '/usr/logs/named/default.log' failed: permission denied
>
> I have checked and double-checked the directories in the chroot jail
> and everything is kosher. I even opened the directories and files up
> to the world (chmod 777) to no avail. What am I missing? I've looked
> at the SELinux config and can't seem to find anything that might hinder
> writing to the logs.
>
> TIA,
>
> ry
>
>
More information about the bind-users
mailing list