Logging while chrooted.
Brian Johnson
bjohnson at johnson-engineering.ca
Wed Jul 13 18:40:50 UTC 2005
I paniced when I saw this come through.
Brian Johnson
Brian Johnson (bjohnson at drtel.com) wrote:
>
> So in the config I need to specify a file relative to the actual root of the
> machine or relative to the chroot folder?
>
> - Brian J
>
> > -----Original Message-----
> > From: aklist_bind at enigmedia.com [mailto:aklist_bind at enigmedia.com]
> > Sent: Wednesday, July 13, 2005 11:57 AM
> > To: bjohnson at drtel.com
> > Subject: Re: Logging while chrooted.
> >
> > put the log directory below the chroot directory
> >
> > ----- Original Message -----
> > From: "Brian Johnson" <bjohnson at drtel.com>
> > To: <bind-users at isc.org>
> > Sent: Wednesday, July 13, 2005 12:34 PM
> > Subject: Logging while chrooted.
> >
> >
> > >I am having a few issues attempting to log to a file while
> > chrooted. My
> > > understanding is that when chrooted, the named system only
> > sees items in
> > > the
> > > jail. When I set a logging directive and send things to a
> > file. I am
> > > getting
> > > the following errors.
> > >
> > > Jul 13 10:46:18 isp01 named[29712]: isc_log_open
> > '/var/log/named.log'
> > > failed: permission denied
> > >
> > > This folder exists within the jail and is owned by the user
> > named runs as.
> > >
> > > Here is my named.conf logging directive:
> > >
> > > logging {
> > > channel "default_syslog" {
> > > // Send most of the named messages to syslog.
> > > syslog local2;
> > > severity debug;
> > > };
> > > channel audit_log {
> > > // Send the security related messages to a separate file.
> > > file "/var/log/named.log";
> > > severity debug;
> > > print-time yes;
> > > };
> > > category default { default_syslog; };
> > > category general { default_syslog; };
> > > category security { audit_log; default_syslog; };
> > > category config { default_syslog; };
> > > category resolver { audit_log; };
> > > category xfer-in { audit_log; };
> > > category xfer-out { audit_log; };
> > > category notify { audit_log; };
> > > category client { audit_log; };
> > > category network { audit_log; };
> > > category update { audit_log; };
> > > category queries { audit_log; };
> > > category lame-servers { audit_log; };
> > > };
> > >
> > > Any help would be appreciated.
> > >
> > > TIA
> > >
> > > - Brian J.
> > >
> > >
> >
> >
>
>
>
More information about the bind-users
mailing list