BIND 10 #2729: logging of configuration changes
BIND 10 Development
do-not-reply at isc.org
Wed Feb 13 10:44:53 UTC 2013
#2729: logging of configuration changes
-------------------------------------+-------------------------------------
Reporter: cas | Type:
Status: new | defect
Milestone: New Tasks | Priority: low
Keywords: | Component:
Sensitive: 0 | Unclassified
Sub-Project: DNS | CVSS Scoring:
Estimated Difficulty: 0 | Defect Severity: N/A
Total Hours: 0 | Feature Depending on Ticket:
| Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
This might well be an "enhancement", but in my view for a system with
dynamic configuration like BIND 10 the absence of such a feature is a
(minor) defect.
changes in the BIND 10 configuration should be send to the b10-cmdctl log
channel
This is often required as an configuration audit trail by some industries
(banking, pharmaceutical )
The log entry should contain:
* date and time
* username
* name of the changed configuration setting, example:
Logging/loggers[0]/output_options[0]/flush
* old and new value: "true" -> "false"
Same should be logged for state changes (loading / unloading modules,
starting / stopping components). (most state changes are logged but not
the user name who initiated the state change, like with "Boss shutdown").
--
Ticket URL: <http://bind10.isc.org/ticket/2729>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list