Impossible to activate logging
Anand Buddhdev
anandb at ripe.net
Thu Jan 18 12:01:34 UTC 2018
On 18/01/2018 11:36, Pierre Couderc wrote:
Hi Pierre,
> under systemd, and under a lxd stretch container in a minimal stretch host.
>
> I get :
>
> Jan 18 10:21:13 bind named[893]: command channel listening on ::1#953
> Jan 18 10:21:13 bind named[893]: isc_file_isplainfile
> '/var/log/bind/bind.log' failed: permission denied
> Jan 18 10:21:13 bind named[893]: configuring logging: permission denied
> Jan 18 10:21:13 bind named[893]: loading configuration: permission denied
> Jan 18 10:21:13 bind named[893]: exiting (due to fatal error)
> ...
>
> And I do not use apparmor and :
>
> root at bind:~# ls -lh /var/log
> total 512K
> -rw-r--r-- 1 root root 7.9K Dec 22 12:19 alternatives.log
> drwxr-xr-x 1 root root 60 Dec 23 00:09 apt
> drwxrwxrwx 1 bind bind 16 Jan 18 09:22 bind
> -rw-r--r-- 1 root root 262K Oct 21 00:48 bootstrap.log
> -rw------- 1 root utmp 4.2K Jan 16 07:46 btmp
> -rw-r--r-- 1 root root 129K Dec 23 00:09 dpkg.log
> -rw-r--r-- 1 root root 3.4K Dec 22 12:20 faillog
> -rw-rw-r-- 1 root utmp 31K Jan 18 07:35 lastlog
> -rw-rw-r-- 1 root utmp 88K Jan 18 07:35 wtmp
> root at bind:~# ls -lh /var/log/bind/
> total 4.0K
> -rwxrwxrwx 1 bind bind 217 Jan 18 09:22 bind.log
I don't know what the function "isc_file_isplainfile" checks for, but
perhaps the executable bits on the file are causing the failure. Log
files shouldn't be executable, so you normally need mode 0644 for them.
Try changing the mode, and seeing if that helps.
Regards,
Anand
More information about the bind-users
mailing list