Error with logging channel audit_log

Mark A. Moore mmoore at osmre.gov
Tue Aug 12 18:57:00 UTC 2008


We need help trying to troubleshoot our issue. We are running RHEL 5.2 and installed the latest version of BIND by following the steps provided by Steve's article in a chroot jail (http://www.unixwiz.net/techtips/bind9-chroot.html). I've added a few additional options recommended by Rob (http://www.cymru.com/Documents/secure-bind-template.html). We are getting an error when BIND starts up regarding our log file. BIND still starts up, but since this error appeared in the messages log, we are not getting any named syslog messages.

The message is:
named[25935]: logging channel 'audit_log' file '/var/log/named.log': file not found

The permissions for named.log are as follows: -rw-r--r--  root  named.

Here is a partial output of named.conf file:

logging {
    channel default_syslog {
        // Send most of the named messages to syslog.
        syslog local2;
        severity debug;
    };

    channel audit_log {
        // Send the security related messages to a separate file.
        file "/chroot/named/logs/named.log";
        severity debug;
        print-time yes;
    };

    category default { default_syslog; };
    category general { default_syslog; };
    category security { audit_log; default_syslog; };
    category config { default_syslog; };
    category resolver { audit_log; };
    category xfer-in { audit_log; };
    category xfer-out { audit_log; };
    category notify { audit_log; };
    category client { audit_log; };
    category network { audit_log; };
    category update { audit_log; };
    category queries { audit_log; };
    category lame-servers { audit_log; };
};

// Set options for security
options {
    directory "/conf";
    pid-file "/var/run/named.pid";
    statistics-file "/var/run/named.stats";
    memstatistics-file "/var/run/named.memstats";
    dump-file "/var/run/named.dump";



Thanks in advance for any help given.
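
Added example, not part of the original post: a check that maps each file channel in named.conf to where it lands on the host when named runs with -t, and reports whether the unprivileged user could write there. The jail path /chroot/named, uid/gid 25 and all function names are assumptions made for illustration.

```python
import os
import re
import stat

# Constructed sample: the audit_log channel as posted above.
SAMPLE_CONF = '''
channel default_syslog { syslog local2; severity debug; };
channel audit_log {
    // Send the security related messages to a separate file.
    file "/chroot/named/logs/named.log";
    severity debug;
};
'''

def _strip_comments(text):
    # Drop //, # and /* */ comments while leaving quoted strings untouched.
    pat = re.compile(r'"[^"]*"|//[^\n]*|#[^\n]*|/\*.*?\*/', re.S)
    return pat.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else "", text)

def _can_write(st, uid, gids):
    # Classic owner/group/other test; ACLs and SELinux are not considered.
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def check_file_channels(conf_text, chroot, uid, gids):
    """Return (channel, path_on_host, status) for each file channel."""
    results = []
    body = _strip_comments(conf_text)
    for name, chan in re.findall(r'channel\s+([\w-]+)\s*\{([^{}]*)\}', body):
        m = re.search(r'\bfile\s+"([^"]+)"', chan)
        if not m:
            continue  # syslog, stderr or null channel
        # With "named -t <chroot>", named.conf paths resolve inside the jail.
        host = os.path.join(chroot, m.group(1).lstrip("/"))
        parent = os.path.dirname(host)
        if not os.path.isdir(parent):
            status = "missing-dir"
        elif os.path.exists(host):
            status = "ok" if _can_write(os.stat(host), uid, gids) else "not-writable"
        else:
            status = "ok" if _can_write(os.stat(parent), uid, gids) else "dir-not-writable"
        results.append((name, host, status))
    return results

if __name__ == "__main__":
    # Assumed jail root and named uid/gid; adjust to the local install.
    for row in check_file_channels(SAMPLE_CONF, "/chroot/named", 25, {25}):
        print(row)
```

A file with mode -rw-r--r-- owned by root with group named is reported as not-writable for a process running as user named, because the group only has read permission.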

