I tried to set up BIND 9 to log to custom logfiles. Bind starts fine but I do get the following relevant errors in /var/log/messages:
Code:
Mar 7 03:59:16 brutus named[10207]: logging channel 'update_debug' file '/var/log/named/named_update.log': file not found
Mar 7 03:59:16 brutus named[10207]: logging channel 'security_info' file '/var/log/named/named_auth.log': file not found
Mar 7 03:59:16 brutus named[10207]: logging channel 'info' file '/var/log/named/named_info.log': file not found
Here is what I did:
ls -la of /var/log/named ----- Permissions should be ok
Code:
total 12K
drwxr-x--- 2 named named 4.0K Mar 7 03:53 .
drwxr-xr-x 11 root root 4.0K Mar 7 04:14 ..
-rw------- 1 named named 0 Mar 4 04:55 named_auth.log
-rw------- 1 named named 0 Mar 7 03:53 named_info.log
-rw------- 1 named named 0 Mar 4 04:55 named_update.log
Bind configuration file
Code:
#Set some global options - forward if not in cache to SSSnet nameservers
options {
    directory "/var/named/";
    auth-nxdomain yes;
    forwarders {
        super-secret-ip
        super-secret-ip
    };
    forward first;
};

key DNS-UPD {
    algorithm hmac-md5;
    secret ipg9BJn8h6SGWlDRJYCDyg==;
};

zone "." {
    type hint;
    file "named.ca";
};

zone "home.lnx" {
    type master;
    file "named.home.lnx";
    allow-update { key DNS-UPD; };
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "named.1.168.192.in-addr.arpa";
    allow-update { key DNS-UPD; };
};

zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.local";
    allow-update { key DNS-UPD; };
};

logging {
    channel update_debug {
        file "/var/log/named/named_update.log";
        severity debug 5;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    channel security_info {
        file "/var/log/named/named_auth.log";
        severity notice;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    channel info {
        file "/var/log/named/named_info.log";
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category update { update_debug; };
    category security { security_info; };
    category queries { info; };
};
Try to check, if your bind9 is running in a chroot, whether you have created the log directory.
Example:
bind9 running in chroot:
/var/named/chroot - you need to create dir /var/named/chroot/var/log, because your bind is running in /var/named but under chroot.
Maybe it can help ;-)
Thanks for the reply, I forgot to close this post. I have this posted again somewhere in the forums here, I think. Either way, I think this actually is the problem I am having: I am running named in a chroot and trying to log to /var/log/named/foo.log.
Thank you for your time and advice, sorry I didn't close this out.
But first be sure that the permissions on /var/log/named_auth.log and others are correct. Best case scenario is named is owner and group, owner with permissions of 0640.
If permissions aren't your problem that chroot probably is.
Yes you should put the log directory under /var/lib/named/var/ or perhaps /var/lib/named. I would prefer /var/lib/named/var as to follow FHS considering the chroot jail.
This is all making the assumption that /var/lib/named is where named is being chrooted at, and it more than likely is. Check your configuration file to be certain.
This is the log dir
qa-dhcp-01:/var/lib/named/var/log# ls -l
-rw-r----- 1 bind bind 0 2009-01-23 10:00 named_auth.log
-rw-r----- 1 bind bind 0 2009-01-23 10:00 named_info.log
-rw-r----- 1 bind bind 0 2009-01-23 10:00 named_update.log
And yet, the daemon.log states (of course, after bind9 restart):
Jan 23 10:02:13 qa-dhcp-01 named[7788]: logging channel 'update_debug' file '/var/lib/named/var/log/named_update.log': file not found
Jan 23 10:02:13 qa-dhcp-01 named[7788]: logging channel 'security_info' file '/var/lib/named/var/log/named_auth.log': file not found
Jan 23 10:02:13 qa-dhcp-01 named[7788]: logging channel 'info' file '/var/lib/named/var/log/named_info.log': file not found
As you have currently configured, BIND 9 is trying to look in /var/lib/named for /var/lib/named/var/log/named_update.log.
You would want to change your log directory to just be /var/log/ rather than /var/lib/named/var/log.
Some daemons will process all the configurations and then drop into a chroot jail. Others, such as BIND 9, will only read the configuration file and do some other important things like open sockets/ports, go to a jail, then deal with finding log files.
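Added example, not part of any post in this thread: a small shell check that resolves each logging channel path the way a chrooted named does and flags the two mistakes discussed above (the directory missing inside the jail, and the jail path repeated in named.conf). The function names and the throwaway sample jail are constructed for illustration; on a real host you would pass your own chroot directory and named.conf.

```shell
#!/bin/sh
# Added example: a chrooted named sees "/var/log/x" as "$JAIL/var/log/x".

# Print the path of every `file "..."` inside a channel block (zone files skipped).
log_paths() {
    awk '$1 == "channel"       { in_ch = 1 }
         in_ch && $1 == "file" { split($0, q, "\""); print q[2] }
         index($0, "}")        { in_ch = 0 }' "$1"
}

# check_chroot_logs JAIL NAMED_CONF  (paths containing spaces are not handled)
# Prints one line per log path; returns 1 if any path cannot work in the jail.
check_chroot_logs() {
    jail=${1%/}; bad=0
    for p in $(log_paths "$2"); do
        real="$jail$p"
        if [ "${p#"$jail"/}" != "$p" ]; then
            echo "PREFIX  $p repeats the jail path; named opens $real"; bad=1
        elif [ -d "$(dirname "$real")" ]; then
            echo "OK      $p -> $real"
        else
            echo "MISSING $p -> no directory $(dirname "$real")"; bad=1
        fi
    done
    return "$bad"
}

# Constructed sample: a throwaway jail with one good and two broken channels.
make_sample() {
    d=$(mktemp -d) && mkdir -p "$d/var/log/named"
    cat > "$d/named.conf" <<EOF
zone "home.lnx" { type master; file "named.home.lnx"; };
logging {
    channel info {
        file "/var/log/named/named_info.log";
    };
    channel security_info {
        file "$d/var/log/named/named_auth.log";
    };
    channel update_debug {
        file "/var/log/bind/named_update.log";
    };
};
EOF
    echo "$d"
}

d=$(make_sample); check_chroot_logs "$d" "$d/named.conf"; rm -rf "$d"
```

The directory inside the jail must also be writable by the user named runs as, which this check does not test.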
I have configured a LAN DNS server, but I get an error when I check the configuration, as below.
No Error
Mats:/var/chroot/bind9/etc/bind# named-checkzone vun.lan. db.vun.lan
zone vun.lan/IN: loaded serial 20090521
OK
Mats:/var/chroot/bind9/etc/bind#
Error
Mats:/var/chroot/bind9/etc/bind# named-checkzone vun.lan. db.1.168.192.in-addr.arpa
zone vun.lan/IN: NS 'Mats.vun.lan' has no address records (A or AAAA)
zone vun.lan/IN: loaded serial 20090521
OK
Mats:/var/chroot/bind9/etc/bind#
How can I get rid of that error? Below are my zone files.
zone.vun.lan
Mats:/var/chroot/bind9/etc/bind# cat db.vun.lan
$TTL 172800
@ IN SOA Mats.vun.lan. info.vun.lan. (
20090521; serial-no
36000; refresh, seconds
18000; retry, seconds
518400; expiry, seconds
172800; minimum-TTL, seconds
)
@ IN NS Mats.vun.lan.
@ IN MX 10 Mats.vun.lan.
Mats.vun.lan. IN A 192.168.1.43
www IN A 192.168.1.43
Mats:/var/chroot/bind9/etc/bind#
REVERSE ZONE
Mats:/var/chroot/bind9/etc/bind# cat db.1.168.192.in-addr.arpa
$TTL 172800
@ IN SOA Mats.vun.lan. info.vun.lan. (
20090521; serial-no
36000; refresh, seconds
18000; retry, seconds
518400; expiry, seconds
172800; minimum-TTL, seconds
)
@ IN NS Mats.vun.lan.
192.168.1.43 IN PTR Mats.vun.lan.
Mats:/var/chroot/bind9/etc/bind#
Below are my zone files
Mats:/var/chroot/bind9/etc/bind# cat db.vun.lan
;
; BIND data file for vun.lan
;
$TTL 604800
@ IN SOA Mats.vun.lan. admin.vun.lan. (
20090524 ; serial
7200 ; Refresh
120 ; Retry
2419200 ; Expiry
604800 ; Default TTL
)
@ IN NS Mats.vun.lan.
@ IN NS Mon.vun.lan.
@ IN A 192.168.1.15
@ IN A 192.168.1.43
@ IN MX 10 Mats.vun.lan.
Mats IN A 192.168.1.43
vun.lan.IN A 192.168.1.43
Mon IN A 192.168.1.15
www IN CNAME Mats
Mats:/var/chroot/bind9/etc/bind#
Mats:/var/chroot/bind9/etc/bind# cat db.1.168.192.rev
;
; BIND data file for 1.168.192
;
$TTL 604800
$ORIGIN 1.1.168.192.in-addr-arpa.
@ IN SOA Mats.vun.lan. admin.vun.lan. (
20090524 ; serial
604800 ; Refresh
120 ; Retry
2419200 ; Expiry
604800 ; Default TTL
)
IN NS Mats.vun.lan.
IN NS Mon.vun.lan.
43 IN PTR Mats.vun.lan.
43 IN PTR vun.lan.
15 IN PTR Mon.vun.lan.
Mats:/var/chroot/bind9/etc/bind#