Disable log message

Warren Kumari warren at kumari.net
Sat Oct 20 01:22:14 UTC 2012


On Oct 19, 2012, at 9:17 PM, "Michael Hoskins (michoski)" <michoski at cisco.com> wrote:

> -----Original Message-----
> 
> From: Warren Kumari <warren at kumari.net>
> Date: Friday, October 19, 2012 8:56 PM
> To: Alan Clegg <alan at clegg.com>
> Cc: "bind-users at isc.org" <bind-users at isc.org>
> Subject: Re: Disable log message
> 
>> 
>> On Oct 19, 2012, at 6:13 PM, Alan Clegg <alan at clegg.com> wrote:
>> 
>>> 
>>> On Oct 18, 2012, at 1:13 PM, Chris Thompson <cet1 at cam.ac.uk> wrote:
>>> 
>>>> On Oct 18 2012, Jeremy C. Reed wrote:
>>>> 
>>>>> On Thu, 18 Oct 2012, Jack Tavares wrote:
>>>>> 
>>>>>> I  am running bind9.8.x built from source and I see this message in
>>>>>> the logs
>>>>>> built with '--prefix=/blah' '--sbindir=/blah' '--sysconfdir=/blah'
>>>>>> '--localstatedir=/var' '--exec-prefix=/usr' '--libdir=/usr/lib'
>>>>>> '--mandir=/usr/share/man' '--with-openssl=/blah'
>>>>>> '--enable-fixed-rrset' '--enable-shared' '--enable-threads'
>>>>>> '--enable-ipv6' '--with-libtool'  etc etc etc I would prefer to not
>>>>>> have that show up in the log.
>>>>>> Short of modifying the source, is there an easy way to disable that?
>>>>> 
>>>>> No way to disable just it. It is in the "general" catch-all category.
>>>> 
>>>> Also, it is output before the configuration "logging" directives have
>>>> been
>>>> processed, so it comes out with the internal defaults for category and
>>>> priority (daemon.notice). Any suppression would need to be done at the
>>>> syslog level.
>>>> 
>>>> But I have some difficulty understanding why anyone would want it
>>>> suppressed.
>>>> It's true that BIND is a bit noisier than it used to be at this stage,
>>>> but
>>>> can this really be a problem? Do you let the black hats see your
>>>> system logs?
>>> 
>>> 
>>> This message was added by general recognition that being able to
>>> rebuild a "drop-in" binary for BIND when you didn't have access to the
>>> build directory (where the config.log contains the information) was a
>>> good thing.
>> 
>> Yah, a very good thingŠ This has been really really useful to me on a
>> number of occasionsŠ
>> 
>>> 
>>> I, for one, see no reason to suppress this message (but I do have blind
>>> spots at times).
>> 
>> Me neither, but I am interested why folk might want toŠ
> 
> Maybe it's viewed as information disclosure?

Ah, that's a good point, especially if BIND is being incorporated into an appliance / black box and there is no need for the users of the appliance to know what all goes on under the hood?

W

>  It's always good to give
> folks a choice -- what's useful for some (or others, like me, don't care
> about at all) will be annoying to others.
> 

--
"Go on, prove me wrong. Destroy the fabric of the universe. See if I care."  -- Terry Prachett 





More information about the bind-users mailing list