Error with logging channel audit_log
Mark A. Moore
mmoore at osmre.gov
Tue Aug 12 18:57:00 UTC 2008
We need help trying to troubleshoot our issue. We are running RHEL 5.2 and installed the latest version of BIND by following the steps provided by Steve's article in a chroot jail (http://www.unixwiz.net/techtips/bind9-chroot.html). I've added a few additional options recommended by Rob (http://www.cymru.com/Documents/secure-bind-template.html). We are getting an error when BIND starts up regarding our log file. Bind still starts up, but since this error in the messages log, we are not getting any named syslog messages.
The message is:
named[25935]: logging channel 'audit_log' file '/var/log/named.log': file not found
The permission for named.log is a follows -rw-r--r-- root named.
Here is a partial output of named.conf file:
logging {
channel default_syslog {
// Send most of the named messages to syslog.
syslog local2;
severity debug;
};
channel audit_log {
// Send the security related messages to a separate file.
file "/chroot/named/logs/named.log";
severity debug;
print-time yes;
};
category default { default_syslog; };
category general { default_syslog; };
category security { audit_log; default_syslog; };
category config { default_syslog; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };
category lame-servers { audit_log; };
};
// Set options for security
options {
directory "/conf";
pid-file "/var/run/named.pid";
statistics-file "/var/run/named.stats";
memstatistics-file "/var/run/named.memstats";
dump-file "/var/run/named.dump";
Thanks in advance for any help given.
More information about the bind-users
mailing list