LinuxQuestions.org - BIND9 non logging

LinuxQuestions.org (/questions/)

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - BIND9 non logging (https://www.linuxquestions.org/questions/linux-server-73/bind9-non-logging-851593/)

ddaas

12-21-2010 08:18 AM

BIND9 non logging

Hi,
I have ununtu 10.10 server with bind9.

In named.conf.options

Code:

logging { 

        channel my_log { 

                file "/var/log/bind.log" versions 10 size 5M; 

                severity info;

                print-time yes;

                print-category yes;

                print-severity yes; 

        };  



        category queries { my_log; };  

        category default { my_log; };  

};

The file /var/log/bind.log exists and belongs to bind.
Bind9 doesn't seem to run in chroot mode. It is the default instalation, named is in /usr/sbin and the config files are in /etc/bind

The problem is that it doesn't log a thing.

If I am using syslog under channel it logs.

Any ideea?

bathory

12-21-2010 09:13 AM

Hi,

Your configuration for logging looks ok. Check if the file is open by the bind user:

Code:

lsof|grep bind.log

Also what gives

Code:

rndc status|grep query

If it's set to OFF, run

Code:

rndc querylog

to set it to ON again

Regards

ddaas

12-21-2010 09:51 AM

lsof doesn't return anything. I think here is the problem. But what?

But I have:

Code:

# rndc status

version: 9.7.1-P2

CPUs found: 2

worker threads: 2

number of zones: 33

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is ON

recursive clients: 0/0/1000

tcp clients: 0/100

server is up and running

then:

Code:

ls -l /var/log/bind.log 

-rw-r----- 1 bind bind 1 2010-12-21 15:31 /var/log/bind.log

and

Code:

 ps -ef  | grep named

bind      2723    1  0 15:58 ?        00:00:00 /usr/sbin/named -u bind

root      3502  3454  0 17:50 pts/0    00:00:00 grep --color=auto named

bathory

12-21-2010 10:17 AM

Since you're running ubuntu, it could be an apparmor problem.
Take a look at the last paragraph here

Regards

ddaas

12-21-2010 01:43 PM

You are right.
I found this.

Quote:

apparmor_status
apparmor module is loaded.
6 profiles are loaded.
6 profiles are in enforce mode.
/sbin/dhclient3
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/connman/scripts/dhclient-script
/usr/sbin/mysqld
/usr/sbin/named
/usr/sbin/tcpdump
0 profiles are in complain mode.
2 processes have profiles defined.
2 processes are in enforce mode :
/usr/sbin/mysqld (817)
/usr/sbin/named (806)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

I'm not confident at the moment with AppArmor so I will learn about it first.
When I solve the problem I post the solution here.

Thank you

ddaas

12-21-2010 02:12 PM

Solved

Here is the solution https://lists.isc.org/pipermail/bind...ry/078473.html

Thank you !

All times are GMT -5. The time now is 01:35 AM.