<div>Hi Warren,</div>
<div> </div>
<div>please see the error message in /var/log/messages , has i have created the dir log in the chroot /var/named/chroot/var and created the file resolver.log and also changed the owner ship of file as well as the dir log to named</div>
<div> </div>
<div>===================================</div>
<div>Jun 13 11:00:23 relay named[14508]: loading configuration from '/etc/named.conf'<br>Jun 13 11:00:23 relay named[14508]: logging channel 'resolver_file' file '/var/log/resolver.log': permission denied<br>
Jun 13 11:00:23 relay kernel: audit(1307943023.256:7): avc: denied { append } for pid=14511 comm="named" name="resolver.log" dev=cciss/c0d0p2 ino=1391030 scontext=root:system_r:named_t tcontext=root:object_r:named_conf_t tclass=file<br>
Jun 13 11:00:23 relay named: named reload succeeded<br>=================================</div>
<div> </div>
<div>Regards,</div>
<div>Kshitij<br><br></div>
<div class="gmail_quote">On Sat, Jun 11, 2011 at 7:23 PM, Warren Kumari <span dir="ltr"><<a href="mailto:warren@kumari.net">warren@kumari.net</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div class="im"><br>On Jun 11, 2011, at 4:22 AM, kshitij mali wrote:<br><br>> Hi Mark ,<br>><br>> Thanks of taking intreast in my case , yes the rhel4 default bind named service is running in chroot jail , know tell we what config changes do i nedd to change.<br>
><br><br></div>Create a directory inside the chroot jail called var/log/ -- so, if your chroot directory is called /foo/bar, create /foor/bar/var/log and make sure that bind is allowed to write there…<br>
<div>
<div></div>
<div class="h5"><br>W<br><br><br>> Regards,<br>> Kshitij<br>><br>> On Sat, Jun 11, 2011 at 7:53 AM, Mark Andrews <<a href="mailto:marka@isc.org">marka@isc.org</a>> wrote:<br>><br>> Are you starting named with -t <chroot-directory>? If so you need to<br>
> look at the path relative to the <chroot-directory>.<br>><br>> Mark<br>><br>> In message <<a href="mailto:BANLkTikttvvag6kBophyFXZZLQK%2BCbtAhw@mail.gmail.com">BANLkTikttvvag6kBophyFXZZLQK+CbtAhw@mail.gmail.com</a>>, kshitij mali w<br>
> rites:<br>>> --===============0107398317155429819==<br>>> Content-Type: multipart/alternative; boundary=20cf3033451dccf8a204a559ffe8<br>>><br>>> --20cf3033451dccf8a204a559ffe8<br>>> Content-Type: text/plain; charset=ISO-8859-1<br>
>><br>>> why bind unable to find log files where file is present at location with all<br>>> permisions<br>>> ===================================<br>>> tail -f /var/log/messages<br>>><br>
>> logging channel 'resolver_file' file '/var/log/resolver.log': file not found<br>>><br>>> ==================================<br>>> [root@relay virusmails]# ls -l /var/log/resolver.log<br>
>> -rwxrwxrwx 1 root root 0 Jun 10 16:52 /var/log/resolver.log<br>>> ======================================<br>>> below is the named.conf loging declaration<br>>> logging {<br>>> channel resolver_file { file "/var/log/resolver.log" versions 3 size 5m;<br>
>> severity debug; print-time<br>>> yes; };<br>>> category resolver { resolver_file; };<br>>><br>>> };<br>>> ==================================<br>>><br>>> Regards,<br>>> Kshitij<br>
>><br>> --<br>> Mark Andrews, ISC<br>> 1 Seymour St., Dundas Valley, NSW 2117, Australia<br>> PHONE: +61 2 9871 4742 INTERNET: <a href="mailto:marka@isc.org">marka@isc.org</a><br>><br>
</div></div>> _______________________________________________<br>> bind-users mailing list<br>> <a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>> <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
<br></blockquote></div><br>