Disable log message

Chris Buxton chris.p.buxton at gmail.com
Sat Oct 20 03:57:18 UTC 2012


On Oct 19, 2012, at 6:22 PM, Warren Kumari wrote:
> On Oct 19, 2012, at 9:17 PM, "Michael Hoskins (michoski)" <michoski at cisco.com> wrote:
>> -----Original Message-----
>>> On Oct 19, 2012, at 6:13 PM, Alan Clegg <alan at clegg.com> wrote:
>>> 
>>>> 
>>>> On Oct 18, 2012, at 1:13 PM, Chris Thompson <cet1 at cam.ac.uk> wrote:
>>>> 
>>>>> On Oct 18 2012, Jeremy C. Reed wrote:
>>>>> 
>>>>>> On Thu, 18 Oct 2012, Jack Tavares wrote:
>>>>>> 
>>>>>>> I  am running bind9.8.x built from source and I see this message in
>>>>>>> the logs
>>>>>>> built with '--prefix=/blah' '--sbindir=/blah' '--sysconfdir=/blah'
>>>>>>> '--localstatedir=/var' '--exec-prefix=/usr' '--libdir=/usr/lib'
>>>>>>> '--mandir=/usr/share/man' '--with-openssl=/blah'
>>>>>>> '--enable-fixed-rrset' '--enable-shared' '--enable-threads'
>>>>>>> '--enable-ipv6' '--with-libtool'  etc etc etc I would prefer to not
>>>>>>> have that show up in the log.
>>>>>>> Short of modifying the source, is there an easy way to disable that?
>>>>>> 
>>>>>> No way to disable just it. It is in the "general" catch-all category.
>>>>> 
>>>>> Also, it is output before the configuration "logging" directives have
>>>>> been
>>>>> processed, so it comes out with the internal defaults for category and
>>>>> priority (daemon.notice). Any suppression would need to be done at the
>>>>> syslog level.
>>>>> 
>>>>> But I have some difficulty understanding why anyone would want it
>>>>> suppressed.
>>>>> It's true that BIND is a bit noisier than it used to be at this stage,
>>>>> but
>>>>> can this really be a problem? Do you let the black hats see your
>>>>> system logs?
>>>> 
>>>> 
>>>> This message was added by general recognition that being able to
>>>> rebuild a "drop-in" binary for BIND when you didn't have access to the
>>>> build directory (where the config.log contains the information) was a
>>>> good thing.
>>> 
>>> Yah, a very good thingŠ This has been really really useful to me on a
>>> number of occasionsŠ
>>> 
>>>> 
>>>> I, for one, see no reason to suppress this message (but I do have blind
>>>> spots at times).
>>> 
>>> Me neither, but I am interested why folk might want toŠ
>> 
>> Maybe it's viewed as information disclosure?
> 
> Ah, that's a good point, especially if BIND is being incorporated into an appliance / black box and there is no need for the users of the appliance to know what all goes on under the hood?

An an employee of the maker of an appliance solution, I can say that we gladly tell our customers what's going on under the hood. If we didn't, they wouldn't trust us.

Chris Buxton
BlueCat Networks


More information about the bind-users mailing list