why bind unable to find log files

kshitij mali foreplayboy at gmail.com
Mon Jun 13 05:43:59 UTC 2011


Hi Warren,

please see the error message in /var/log/messages , has i have created the
dir log in the chroot /var/named/chroot/var and created the file
resolver.log and also changed the owner ship of file as well as the dir log
to named

===================================
Jun 13 11:00:23 relay named[14508]: loading configuration from
'/etc/named.conf'
Jun 13 11:00:23 relay named[14508]: logging channel 'resolver_file' file
'/var/log/resolver.log': permission denied
Jun 13 11:00:23 relay kernel: audit(1307943023.256:7): avc:  denied  {
append } for  pid=14511 comm="named" name="resolver.log" dev=cciss/c0d0p2
ino=1391030 scontext=root:system_r:named_t
tcontext=root:object_r:named_conf_t tclass=file
Jun 13 11:00:23 relay named: named reload succeeded
=================================

Regards,
Kshitij

On Sat, Jun 11, 2011 at 7:23 PM, Warren Kumari <warren at kumari.net> wrote:

>
> On Jun 11, 2011, at 4:22 AM, kshitij mali wrote:
>
> > Hi Mark ,
> >
> > Thanks of  taking intreast in my case , yes the rhel4 default bind named
> service is running in chroot jail , know tell we what config changes do i
> nedd to change.
> >
>
> Create a directory inside the chroot jail called var/log/ -- so, if your
> chroot directory is called /foo/bar, create /foor/bar/var/log and make sure
> that bind is allowed to write there…
>
> W
>
>
> > Regards,
> > Kshitij
> >
> > On Sat, Jun 11, 2011 at 7:53 AM, Mark Andrews <marka at isc.org> wrote:
> >
> > Are you starting named with -t <chroot-directory>?  If so you need to
> > look at the path relative to the <chroot-directory>.
> >
> > Mark
> >
> > In message <BANLkTikttvvag6kBophyFXZZLQK+CbtAhw at mail.gmail.com>, kshitij
> mali w
> > rites:
> >> --===============0107398317155429819==
> >> Content-Type: multipart/alternative;
> boundary=20cf3033451dccf8a204a559ffe8
> >>
> >> --20cf3033451dccf8a204a559ffe8
> >> Content-Type: text/plain; charset=ISO-8859-1
> >>
> >> why bind unable to find log files where file is present at location with
> all
> >> permisions
> >> ===================================
> >> tail -f /var/log/messages
> >>
> >> logging channel 'resolver_file' file '/var/log/resolver.log': file not
> found
> >>
> >> ==================================
> >> [root at relay virusmails]# ls -l /var/log/resolver.log
> >> -rwxrwxrwx  1 root root 0 Jun 10 16:52 /var/log/resolver.log
> >> ======================================
> >> below is the named.conf loging declaration
> >> logging {
> >> channel resolver_file { file "/var/log/resolver.log" versions 3 size 5m;
> >> severity debug; print-time
> >> yes; };
> >> category resolver { resolver_file; };
> >>
> >> };
> >> ==================================
> >>
> >> Regards,
> >> Kshitij
> >>
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> >
> > _______________________________________________
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110613/30b8ab0c/attachment.html>


More information about the bind-users mailing list