Logging while chrooted.

Jim Popovitch jimpop at yahoo.com
Wed Jul 13 23:53:38 UTC 2005


Just in case (and top-posted too!) you never got the scoop on this, the
log file path setting is specific to the chroot.  So, if chroot'ing
bind, you need the path specified in named.conf to be *local* to the
chroot.  If your named.conf says the log file is /var/blah/named-logs,
and your chroot is /home/named, then the absolute path would be:
/home/named/var/blah/named-logs.

hth, sftp,

-Jim P.

On Wed, 2005-07-13 at 11:34 -0500, Brian Johnson wrote:
> I am having a few issues attempting to log to a file while chrooted. My
> understanding is that when chrooted, the named system only sees items in the
> jail. When I set a logging directive and send things to a file, I am getting
> the following errors.
> 
> Jul 13 10:46:18 isp01 named[29712]: isc_log_open '/var/log/named.log'
> failed: permission denied
> 
> This folder exists within the jail and is owned by the user named runs as.
> 
> Here is my named.conf logging directive:
> 
> logging {
>       channel "default_syslog" {
>             // Send most of the named messages to syslog.
>             syslog local2;
>             severity debug;
>       };
>       channel audit_log {
>             // Send the security related messages to a separate file.
>             file "/var/log/named.log";
>             severity debug;
>             print-time yes;
>       };
>       category default { default_syslog; };
>       category general { default_syslog; };
>       category security { audit_log; default_syslog; };
>       category config { default_syslog; };
>       category resolver { audit_log; };
>       category xfer-in { audit_log; };
>       category xfer-out { audit_log; };
>       category notify { audit_log; };
>       category client { audit_log; };
>       category network { audit_log; };
>       category update { audit_log; };
>       category queries { audit_log; };
>       category lame-servers { audit_log; };
> };
> 
> Any help would be appreciated.
> 
> TIA
> 
> - Brian J. 
> 
> 
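
Added example, not part of the original messages: a shell check for the path mapping described in the reply above. It takes each `file "..."` channel from a named.conf, prefixes the chroot, and reports whether the log directory exists on the host and is writable. Assumptions: the function names and the usage paths are illustrative, only absolute channel paths are handled, and the script is run as the user named runs as, because `-w` tests the calling user.

```shell
#!/bin/sh
# Added example: check named.conf file channels against a chroot.

# host_path CHROOT PATH: where a jail-relative absolute PATH lives on the host.
host_path() {
    printf '%s/%s\n' "${1%/}" "${2#/}"
}

# log_channels CONF: print the path of every `file "..."` channel in CONF.
log_channels() {
    sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# check_chroot_logs CHROOT CONF: one status line per channel; returns
# non-zero if any log file could not be created or written by this user.
check_chroot_logs() {
    log_channels "$2" | (
        rc=0
        while IFS= read -r p; do
            case $p in
                /*) ;;
                *) echo "SKIP     $p (relative path, not handled here)"; continue ;;
            esac
            hp=$(host_path "$1" "$p")
            dir=$(dirname "$hp")
            if [ ! -d "$dir" ]; then
                echo "MISSING  $dir"; rc=1
            elif [ -e "$hp" ] && [ ! -w "$hp" ]; then
                echo "NOWRITE  $hp"; rc=1
            elif [ ! -e "$hp" ] && [ ! -w "$dir" ]; then
                echo "NOWRITE  $dir"; rc=1
            else
                echo "OK       $hp"
            fi
        done
        exit "$rc"
    )
}

# Usage (hypothetical paths): sh check.sh /home/named /home/named/etc/named.conf
if [ "$#" -eq 2 ]; then
    check_chroot_logs "$1" "$2"
fi
```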


