FreeBSD 6.2 default bind9, question about customize logging [re-post] (solved)
Patrick Dung
info at plot.uz
Wed Jul 11 13:24:53 UTC 2007
--- Doug Barton <dougb at FreeBSD.org> wrote:
> > On Sunday, 8 July 2007 at 12:06:26 -0700, Patrick Dung wrote:
> >> I am using FreeBSD 6.2 with the default bind (not ports).
> >> By default chroot is used.
>
> It's not a major issue, but it's probably worth pointing out that
> whatever code base you use (base or ports) the behavior such as
> chroot, logging, etc. is controlled by the combination of
> /etc/rc.d/named and your named.conf options. Therefore this discussion
> applies equally well either way.
I use FreeBSD 6.2 with the named that comes with the base.
/etc/rc.conf
named_enable="YES" # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
#named_flags="" # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind" # User to run named as
named_chrootdir="/var/named" # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES" # Automatically install/update chrooted
# components of named. See /etc/rc.d/named.
named_symlink_enable="YES" # Symlink the chrooted pid file
>
> >> When named start or stop, it does have log in /var/log/messages.
> >> But for example, when some do domain transfer successfully, that is not
> >> logged (zone transfer denied is logged).
>
> I have intentionally avoided adding more complex logging to the
> default named.conf because it's very hard to decide which way to land
> on this to make the most people happy (and/or the least people mad). I
> am of course always open to suggestions. :)
I need to log successful domain transfers for debugging purposes (which
slave/client has done a domain transfer at what time).
>
> >> So I tried to add this part in named.conf (enabled local0.* in
> >> syslog.conf) , but still no luck. Any suggestions?
>
> The obvious ones, did you HUP the daemon after you changed the conf,
> and did you pre-create any new files that syslogd is supposed to write
> to for the local0 facility? Can you share your syslog.conf line for
> this? Do you get any joy when you try 'logger -plocal0.info blah' ?
>
> >> logging {
> >> channel named-log {
>
> While I don't see that it's explicitly forbidden to use a - in a
> channel name, every example I've ever seen or used myself uses an
> underscore instead (named_log).
>
> >> //syslog daemon;
> >> syslog local0;
> >> severity info;
> >> print-category yes;
> >> };
> >> category default { named-log; };
> >> category xfer-in { named-log; };
> >> category xfer-out { named-log; };
> >> category unmatched { null; };
> >> };
>
> This all looks good (modulo the - issue I mentioned above), and I use
> something similar myself, so once you're sure you can write to the
> syslog facility, you should be able to get this to work.
>
> I should probably also point out that unless you really need this to
> go to syslog, you're probably better off writing to a file channel
> instead (less overhead, especially on a busy server). Either way there
> is information in the ARM that will help you,
> /usr/share/doc/bind9/arm.
>
After further testing, I got my problem solved.
1. I found named-log is ok to use.
2. I did not need to change my previous named.conf.
3. The problem is in /etc/syslog.conf
With the default /etc/syslog.conf, I have added a line:
local0.* /var/log/messages
It makes a difference where I put it: if I put it at the bottom of
the file, even `logger -p local0.info test` will not work.
If I put that line at the very top of syslog.conf, everything is
working fine...
BTW, could anyone explain why putting local0.* /var/log/messages at the
bottom of syslog.conf will not work?
Regards
Patrick
>
> hth,
>
> Doug
>
> --
>
> This .signature sanitized for your protection
>
_______________________________________________
freebsd-isp at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
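
The closing question goes unanswered in this message. A probable cause, given here as an assumption because the post does not show the file: per syslog.conf(5), every rule after a `!program` line applies only to that program until `!*` resets it, so a line appended below a trailing block such as `!ppp` never sees messages from `logger` or `named`. The Python sketch below is an added example, not part of the original post, and its sample file contents are constructed; it lists each rule with the program block it falls under (host blocks are not handled).

```python
import re

# Constructed sample: a syslog.conf tail that ends inside a program
# block, with the new local0 line appended at the bottom.
SAMPLE_BOTTOM = """\
*.notice;authpriv.none /var/log/messages
!ppp
*.* /var/log/ppp.log
local0.* /var/log/messages
"""

# Same constructed file with the line placed before any program block.
SAMPLE_TOP = """\
local0.* /var/log/messages
*.notice;authpriv.none /var/log/messages
!ppp
*.* /var/log/ppp.log
"""

# "!prog" or "#!prog" opens a program block; "!*" resets to all programs.
PROG = re.compile(r"^#?!\s*(\S+)")


def scoped_rules(text):
    """Return (lineno, selector, action, program) for every rule line."""
    program, rules = "*", []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = PROG.match(line)
        if m:
            program = m.group(1)
            continue
        if not line or line.startswith("#"):
            continue  # blank line or ordinary comment
        parts = line.split(None, 1)
        if len(parts) == 2:
            rules.append((lineno, parts[0], parts[1].strip(), program))
    return rules


def restricted(text):
    """Rules that only receive messages from one named program."""
    return [r for r in scoped_rules(text) if r[3] != "*"]


if __name__ == "__main__":
    for name, conf in (("bottom", SAMPLE_BOTTOM), ("top", SAMPLE_TOP)):
        for lineno, sel, action, prog in scoped_rules(conf):
            note = "" if prog == "*" else f"  <- only program '{prog}'"
            print(f"{name}:{lineno}: {sel} -> {action}{note}")
```

Under this assumption, adding a `!*` line before the appended rule is the alternative to moving the rule to the top of the file.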