Old 09-12-2007, 01:41 AM   #1
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Rep: Reputation: 15
DNS log files


hi to All,

I am using RHEL-5 Linux where I have configured master and slave DNS servers.

To check DNS zone transfers and any kind of BIND error, we use the /var/log/messages file. How can I create a separate DNS log file, say /var/log/bindlog, so that all DNS errors and info are logged in such a file?

Can anybody tell me how to configure named.conf to log all BIND events in the /var/log/bindlog file?


logging {
channel bindlog {
print-name yes;
print-category yes;
print-severity yes;
}
categorty xfer-out { bindlog;};
categorty xfer-in { bindlog;};
categorty security { bindlog;};

categorty panic { bindlog;};
categorty insist { bindlog;};

};


I have added these parameters in the named.conf file and restarted all services, but even then there is no logging in the above file.

Why?

Last edited by sachin1361; 09-12-2007 at 01:58 AM.
 
Old 09-12-2007, 02:58 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Hi again.
You should make some changes in the logging part of your named.conf. First of all you should define a log filename. Then some categories do not exist (I guess categorty is just a typo). Anyway, you can try this:
Code:
logging {
channel bindlog {
file "/var/named/named.log" versions 3 size 5m;
print-time yes;
print-category yes;
print-severity yes;
};
category xfer-out { bindlog;};
category xfer-in { bindlog;};
category security { bindlog;};
};
In the above example make sure that the directory used for the logfile is writable by the user that runs named.
You can read more about bind logging here
 
Old 09-13-2007, 02:33 AM   #3
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
log file

I did mention the log file location but forgot to add it to the forum. I am sorry for that.

The docs you provided were very helpful, but the problem is the same. No events are logged in the bindlog file. As per the docs, the named user must have write access to the log file; it is already assigned.

What else may be the problem ?
 
Old 09-13-2007, 02:51 AM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Could you just copy/paste the above snippet into your named.conf, just after the options part and before the start of the zone definitions (after making a backup first), to see what happens?
 
Old 09-15-2007, 01:49 AM   #5
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
dns log file

This is the named.conf file snapshot. DNS master and slave are working fine, no problem at all. But events are not logged in the named.log file.

Please check it.


options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
*/
// query-source address * port 53;
allow-recursion { 172.16.1.0/24; 172.16.2.0/24; localhost; };
allow-transfer { 172.16.2.6; };
allow-query { 172.16.1.0/24; 172.16.2.0/24; localhost; };
version "[Secured]";
};

zone "." IN {
type hint;
file "named.root";
};

zone "localdomain." IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost." IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa." IN {
type master;
file "named.local";
allow-update { none; };
notify no;
};

zone "8i.net.sa" IN {
type master;
file "8i.net.sa.zone";
allow-update { none; };
allow-transfer { 172.16.2.6; };
notify yes;
allow-query { any; };
};

zone "2.16.172.in-addr.arpa." IN {
type master;
file "8i.net.sa.local";
allow-update { none; };
allow-transfer { 172.16.2.6; };
notify yes;
allow-query { any; };
};

zone "255.in-addr.arpa." IN {
type master;
file "named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa." IN {
type master;
file "named.zero";
allow-update { none; };
};

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndckey" {
algorithm hmac-md5;
secret "hM3UJdk9eAL+8pK56X0gng==";
};

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
# End of named.conf
server 172.16.2.6 {
keys { rndckey ;};
};

logging {
channel sachin_debug {
file "/var/log/named.log" versions 3 size 5m;
print-category yes;
severity info;
print-severity yes;
print-time yes;
};
category config {
sachin_debug;
};
category xfer-in {
sachin_debug;
};
category xfer-out {
sachin_debug;
};
category queries {
sachin_debug;
};
};
 
Old 09-15-2007, 08:36 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Are you sure that the user that runs named can write to /var/log/named.log?
I suggest you change the location of that file to be inside the /var/named directory, just to be sure that the named user has write permissions. So change the following:

logging {
channel sachin_debug {
file "/var/named/named.log" versions 3 size 5m;
...
...

restart named and check /var/named/named.log
 
Old 09-16-2007, 01:58 AM   #7
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
dns log file

Thanks for replying,
I did the same as you told me to do, but still the problem is not resolved. I changed the named.log file location and made sure that the named user has write permission on that file, restarted the named daemon, but the named.log file has no events.

But when i checked tail /var/log/messages file, there was one error :

localhost named [5444]: isc_log_open '/var/named/named.log' failed permission denied

Why is it so ?

I think, as you said, it is a permission error. But I had assigned full permission by:

# chmod 777 /var/named/named.log

So why this error?

What should I do next ?

Last edited by sachin1361; 09-16-2007 at 02:21 AM.
 
Old 09-16-2007, 09:18 AM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
You should double check the directories/files permissions, or post the output of:
Code:
ls -l /var
ls -l /var/named
ps -ef|grep named
Another thing you should check is that it's not an SELinux issue, or that named is running chrooted.
 
Old 09-17-2007, 02:08 AM   #9
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
dns log file

This is the output of the commands you asked for. Anyhow, I assigned the permissions and changed the ownership to the named user; now there is no such error as permission denied, but still no logging in the named.log file.
What else should I do now?

NO PERMISSION DENIED ERROR NOW, BUT STILL NO LOGGING




[root@test4 ~]# ls -l /var

total 220
drwxr-xr-x 2 root root 4096 Sep 9 11:18 account
drwxr-xr-x 2 pcap pcap 4096 Sep 12 15:18 arpwatch
drwxr-xr-x 13 root root 4096 Sep 9 11:36 cache
drwxr-xr-x 2 root root 4096 Jan 24 2007 crash
drwxr-xr-x 2 root root 4096 Dec 7 2006 cvs
drwxr-xr-x 3 root root 4096 Sep 9 11:19 db
drwxr-xr-x 3 root root 4096 Sep 9 11:18 empty
drwxr-xr-x 3 root root 4096 Sep 9 11:23 ftp
drwxr-xr-x 2 root root 4096 Oct 11 2006 games
drwxrwx--T 2 root gdm 4096 Sep 17 10:00 gdm
drwxr-xr-x 3 root root 4096 Sep 9 11:29 kerberos
drwxr-xr-x 44 root root 4096 Sep 12 12:13 lib
drwxr-xr-x 2 root root 4096 Oct 11 2006 local
drwxrwxr-x 10 root lock 4096 Sep 17 09:42 lock
drwxr-xr-x 26 root root 4096 Sep 17 09:42 log
lrwxrwxrwx 1 root root 10 Sep 9 11:15 mail -> spool/mail
drwxrwxrwx 5 named named 4096 Sep 16 14:53 named
drwx------ 2 root root 4096 Sep 17 09:42 net-snmp
drwxr-xr-x 2 root root 4096 Oct 11 2006 nis
drwxr-xr-x 2 root root 4096 Oct 11 2006 opt
drwxr-xr-x 2 root root 4096 Oct 11 2006 preserve
drwxr-xr-x 2 root root 4096 Oct 1 2006 racoon
drwxr-xr-x 33 root root 4096 Sep 17 09:42 run
drwxr-xr-x 24 root root 4096 Sep 9 11:29 spool
drwxrwxrwt 3 root root 4096 Sep 12 12:47 tmp
drwx------ 2 root root 4096 Aug 23 2006 tux
drwx------ 2 root bin 4096 Sep 12 12:50 webmin
drwxr-xr-x 9 root root 4096 Sep 9 11:28 www
drwxr-xr-x 3 root root 4096 Sep 9 11:28 yp
[root@test4 ~]#

[root@test4 ~]# ls -l /var/named
total 28
drwxr-x--- 6 named named 4096 Sep 10 12:14 chroot
drwxrwx--- 2 named named 4096 Sep 16 14:53 data
-rwxrwxrwx+ 1 named named 0 Sep 16 09:41 named.log
drwxrwx--- 2 named named 4096 Jan 17 2007 slaves
[root@test4 ~]#

[root@test4 ~]# ps -ef |grep named
named 2233 1 0 09:42 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
root 5176 5013 0 10:02 pts/4 00:00:00 grep named
[root@test4 ~]#
 
Old 09-17-2007, 02:44 AM   #10
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Quote:
[root@test4 ~]# ps -ef |grep named
named 2233 1 0 09:42 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
So you are running named chrooted.
In that case all your logs should be under /var/named/chroot/var/named/named.log
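The point above is easy to verify mechanically. The following POSIX shell helper is an added example, not code from this thread or from BIND: it pulls the chroot directory out of the `-t` argument on the `ps -ef` line, pulls the `file` path out of the logging channel in named.conf, joins them into the host-side path where the log actually lands, and checks that the directory exists so the `-u` user can be given write access there. The `ps` line and the config snippet embedded in it are constructed to mirror what sachin1361 posted; the function names are the example's own.

```shell
#!/bin/sh
# Added example, not part of the thread: work out where a chrooted named
# really writes a logging channel's file, so a "missing" log can be found.
# With -t <dir>, every path in named.conf is resolved inside <dir>, so
# "/var/named/named.log" lands at <dir>/var/named/named.log on the host.

# Print the chroot directory given as the -t argument on a `ps -ef` line;
# print nothing when named is not chrooted.
named_chroot_from_ps() {
    printf '%s\n' "$1" |
        sed -n 's/.*[[:space:]]-t[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p'
}

# Print the first `file "..."` path found in a logging channel definition.
log_file_from_conf() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' |
        head -n 1
}

# Join the chroot directory (may be empty) and the in-config path into the
# path as seen from outside the jail.
effective_log_path() {
    _chroot=$1
    _path=$2
    if [ -n "$_chroot" ]; then
        printf '%s\n' "${_chroot%/}$_path"
    else
        printf '%s\n' "$_path"
    fi
}

# Succeed only if the directory that must hold the log file exists on the host.
log_dir_exists() {
    [ -d "$(dirname "$1")" ]
}

# Constructed sample input, mirroring the thread's ps output and channel.
SAMPLE_PS='named 2233 1 0 09:42 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot'
SAMPLE_CONF='logging {
channel sachin_debug {
file "/var/named/named.log" versions 3 size 5m;
print-time yes;
};
category xfer-in { sachin_debug; };
};'

main() {
    chroot_dir=$(named_chroot_from_ps "$SAMPLE_PS")
    conf_path=$(log_file_from_conf "$SAMPLE_CONF")
    host_path=$(effective_log_path "$chroot_dir" "$conf_path")
    echo "chroot:     ${chroot_dir:-(none)}"
    echo "configured: $conf_path"
    echo "on host:    $host_path"
    if log_dir_exists "$host_path"; then
        # Show owner and mode; the -u user (named) must be able to write here.
        ls -ld "$(dirname "$host_path")"
    else
        echo "directory $(dirname "$host_path") does not exist on this host"
    fi
    # SELinux can also deny the write even when mode bits allow it.
    if command -v getenforce >/dev/null 2>&1; then
        echo "SELinux: $(getenforce)"
    fi
}

main "$@"
```

Run it on the server with the real `ps -ef | grep named` line and the real logging stanza substituted for the samples; if the printed host path is not where you were looking, that is the log you could not find.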
 
Old 09-18-2007, 01:56 AM   #11
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
dns log files

I found the log files in this location. But why is this so? I mean, when I specify the exact location of the log file in the named.conf file, why are the log files created in this location? And what does it mean when named is running under a chroot environment, as you said? Or does it mean that when the named service is running in a chroot jail, log files will only be created in the location you mentioned?

If I have to create log files in a different location as earlier, say /var/log/named.log, then what shall I have to do?

Many thanks for resolving this query. I was stuck in this problem for the last one week.
 