SlackwareThis Forum is for the discussion of Slackware Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Unlike a conventional jailbird, BIND can't just scribble its log entries on the walls :-). Normally, BIND logs through syslogd, the system logging daemon. However, this type of logging is performed by sending the log entries to the special socket /dev/log. Since this is outside the jail, BIND can't use it any more. Fortuantely, there are a couple options to work around this.
The Ideal Solution
The ideal solution to this dilemma requires a reasonably recent version of syslogd which supports the -a switch introduced by OpenBSD. Check the manpage for your syslogd(8) to see if you have such a version.
If you do, all you have to do is add the switch ``-a /chroot/named/dev/log'' to the command line when you launch syslogd. On systems which use a full SysV-init (which includes most Linux distributions), this is typically done in the file /etc/rc.d/init.d/syslog. For example, on my Red Hat Linux system, I changed the line
daemon syslogd -m 0
daemon syslogd -m 0 -a /chroot/named/dev/log
Interestingly, as of Red Hat 7.2, Red Hat has apparently made this process even easier. There is now a file called /etc/sysconfig/syslog in which extra parameters for syslogd can be defined.
On Caldera OpenLinux systems, they use a daemon launcher called ssd, which reads configuration from /etc/sysconfig/daemons/syslog. You simply need to modify the options line to look like this:
OPTIONS_SYSLOGD="-m 0 -a /chroot/named/dev/log"
Similarly, on SuSE systems, I'm told that the best place to add this switch is in the /etc/rc.config file. Changing the line
should do the trick.
And, last but not least, for FreeBSD 4.3 you can apparently just edit the rc.conf file and put in the following:
syslogd_flags="-s -l /chroot/named/dev/log"
The -s is for security reasons, and is part of the default settings. The -l is a local path on which to put another logging node.
Once you've figured out how to make this change for your system, simply restart syslogd, either by killing it and launching it again (with the extra parameters), or by using the SysV-init script to do it for you:
Once it's been restarted, you should see a ``file'' in /chroot/named/dev called log, that looks something like this:
srw-rw-rw- 1 root root 0 Mar 13 20:58 log
The Other Solutions
If you have an older syslogd, then you'll have to find another way to do your logging. There are a couple programs out there, such as holelogd, which are designed to help by acting as a ``proxy'' and accepting log entries from the chrooted BIND and passing them out to the regular /dev/log socket.
Alteratively, you can simply configure BIND to log to files instead of going through syslog. See the BIND documentation for more details if you choose to go this route.
Question is, what happens if I do something similar to this:
daemon syslogd -m 0 -a /chroot/named/dev/log
in /etc/rc.d/rc.syslog where, I think, it would look like
if [ -x /usr/sbin/syslogd -a -x /usr/sbin/klogd ]; then
echo -n "Starting sysklogd daemons: "
echo -n "/usr/sbin/syslogd "
/usr/sbin/syslogd -m 0 -a /chroot/named/dev/log
# prevent syslogd/klogd race condition on SMP kernels
if ps acx | grep -q udevd ; then
while [ ! -e /dev/log ] ; do
echo "/usr/sbin/klogd -c 3 -x"
# '-c 3' = display level 'error' or higher messages on console
# '-x' = turn off broken EIP translation
/usr/sbin/klogd -c 3 -x
I'm trying to run BIND in jail, but I'm wondering if everything will get logged in the jail?
Or is there a better way?
Other daemons; e.g., hp-upgrade, apcupsd, write to syslog -- seems like that could cause a problem, so maybe figuring out how to have BIND log would be worthwhile?
I use file option, the top directory is chroot, example file "/logs/named.log", the file is actually in /chroot/logs/named.log; and change severity to debug if you want to log everything.
just create new/modify syslog file in /etc/logrotate.d, if you need back up and gzip log file for backup.
under category, you find different subsections (general,network,security,database,etc... beside default) you can add more channels into logging section, if you want to split up logging event to different files.
within chroot, your log file is under /yourlogdir directory(no need to specify full directory tree.) For your file system, which is located under /chroot/yourlogdir/,so your back system can locate your file for backup.
named hasn't required the use of syslogd for years now, so yes you can omit the config line to enable it and just log directly to files you specify.
Also if you want log rotation named will do it itself just look at the end of the lines quoted by number22 and you will see the number of files as 'version #' and the max file size for each as 'size #'