DNS log files
Hi to all,
I am using RHEL-5 Linux where I have configured master and slave DNS servers. To check DNS zone transfers and any kind of BIND error, we use the /var/log/messages file. How can I create a separate DNS log file, say /var/log/bindlog, so that all DNS errors and info are logged in such a file? Can anybody tell me how to configure named.conf to log all bind events in the /var/log/bindlog file?

logging {
    channel bindlog {
        print-name yes;
        print-category yes;
        print-severity yes;
    }
    categorty xfer-out { bindlog;};
    categorty xfer-in { bindlog;};
    categorty security { bindlog;};
    categorty panic { bindlog;};
    categorty insist { bindlog;};
};

I have added these parameters to the named.conf file and restarted all services, but even then there is no logging in the above file. Why?
Hi again.
You should make some changes in your logging part of named.conf. First of all you should define a log filename. Then some categories do not exist (I guess categorty is just a typo). Anyway you can try this:
Code:
logging {
You can read more about bind logging here
log file
I did mention the log file location but forgot to add it to the forum post. I am sorry for that.
The docs you provided were very helpful. But the problem is the same. No events are logged in the bindlog file. As per the docs, the named user must have write access to the log file; it is already assigned. What else may be the problem?
Could you just copy/paste the above snippet into your named.conf, just after the options part and before the start of zone definitions (after making a backup first) to see what happens.
dns log file
This is the named.conf file snapshot. DNS master and slave are working fine. No problem at all. But events are not logged in the named.log file.
Please check it.

options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    /* */
    // query-source address * port 53;
    allow-recursion { 172.16.1.0/24; 172.16.2.0/24; localhost; };
    allow-transfer { 172.16.2.6; };
    allow-query { 172.16.1.0/24; 172.16.2.0/24; localhost; };
    version "[Secured]";
};

zone "." IN {
    type hint;
    file "named.root";
};

zone "localdomain." IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};

zone "localhost." IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa." IN {
    type master;
    file "named.local";
    allow-update { none; };
    notify no;
};

zone "8i.net.sa" IN {
    type master;
    file "8i.net.sa.zone";
    allow-update { none; };
    allow-transfer { 172.16.2.6; };
    notify yes;
    allow-query { any; };
};

zone "2.16.172.in-addr.arpa." IN {
    type master;
    file "8i.net.sa.local";
    allow-update { none; };
    allow-transfer { 172.16.2.6; };
    notify yes;
    allow-query { any; };
};

zone "255.in-addr.arpa." IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};

zone "0.in-addr.arpa." IN {
    type master;
    file "named.zero";
    allow-update { none; };
};

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndckey" {
    algorithm hmac-md5;
    secret "hM3UJdk9eAL+8pK56X0gng==";
};

controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndckey"; };
};
# End of named.conf

server 172.16.2.6 {
    keys { rndckey ;};
};

logging {
    channel sachin_debug {
        file "/var/log/named.log" versions 3 size 5m;
        print-category yes;
        severity info;
        print-severity yes;
        print-time yes;
    };
    category config { sachin_debug; };
    category xfer-in { sachin_debug; };
    category xfer-out { sachin_debug; };
    category queries { sachin_debug; };
};
Are you sure that the user that runs named can write to /var/log/named.log?
I suggest you change the location of that file to be inside the /var/named directory, just to be sure that the named user has write permissions. So change the following:

logging {
    channel sachin_debug {
        file "/var/named/named.log" versions 3 size 5m;
        ...
        ...

Restart named and check /var/named/named.log
dns log file
Thanks for replying,
I did the same as you told me to do, but the problem is still not resolved. I changed the named.log file location and made sure that the named user has write permission on that file, and restarted the named daemon, but the named.log file has no events. But when I checked tail /var/log/messages, there was one error:

localhost named [5444]: isc_log_open '/var/named/named.log' failed :permission denied

Why is it so? I think it is the permission error you mentioned. But I had assigned full permission by:

# chmod 777 /var/named/named.log

So why this error? What should I do next?
You should double check the directories/files permissions, or post the output of:
Code:
ls -l /var
dns log file
This is the output of the commands you required. Anyhow, I assigned the permissions and changed the ownership to the named user; now there is no such error as permission denied, but still no logging in the named.log file.
What else should I do now? NO PERMISSION DENIED ERROR NOW, BUT STILL NO LOGGING

[root@test4 ~]# ls -l /var
total 220
drwxr-xr-x 2 root root 4096 Sep 9 11:18 account
drwxr-xr-x 2 pcap pcap 4096 Sep 12 15:18 arpwatch
drwxr-xr-x 13 root root 4096 Sep 9 11:36 cache
drwxr-xr-x 2 root root 4096 Jan 24 2007 crash
drwxr-xr-x 2 root root 4096 Dec 7 2006 cvs
drwxr-xr-x 3 root root 4096 Sep 9 11:19 db
drwxr-xr-x 3 root root 4096 Sep 9 11:18 empty
drwxr-xr-x 3 root root 4096 Sep 9 11:23 ftp
drwxr-xr-x 2 root root 4096 Oct 11 2006 games
drwxrwx--T 2 root gdm 4096 Sep 17 10:00 gdm
drwxr-xr-x 3 root root 4096 Sep 9 11:29 kerberos
drwxr-xr-x 44 root root 4096 Sep 12 12:13 lib
drwxr-xr-x 2 root root 4096 Oct 11 2006 local
drwxrwxr-x 10 root lock 4096 Sep 17 09:42 lock
drwxr-xr-x 26 root root 4096 Sep 17 09:42 log
lrwxrwxrwx 1 root root 10 Sep 9 11:15 mail -> spool/mail
drwxrwxrwx 5 named named 4096 Sep 16 14:53 named
drwx------ 2 root root 4096 Sep 17 09:42 net-snmp
drwxr-xr-x 2 root root 4096 Oct 11 2006 nis
drwxr-xr-x 2 root root 4096 Oct 11 2006 opt
drwxr-xr-x 2 root root 4096 Oct 11 2006 preserve
drwxr-xr-x 2 root root 4096 Oct 1 2006 racoon
drwxr-xr-x 33 root root 4096 Sep 17 09:42 run
drwxr-xr-x 24 root root 4096 Sep 9 11:29 spool
drwxrwxrwt 3 root root 4096 Sep 12 12:47 tmp
drwx------ 2 root root 4096 Aug 23 2006 tux
drwx------ 2 root bin 4096 Sep 12 12:50 webmin
drwxr-xr-x 9 root root 4096 Sep 9 11:28 www
drwxr-xr-x 3 root root 4096 Sep 9 11:28 yp
[root@test4 ~]#
[root@test4 ~]# ls -l /var/named
total 28
drwxr-x--- 6 named named 4096 Sep 10 12:14 chroot
drwxrwx--- 2 named named 4096 Sep 16 14:53 data
-rwxrwxrwx+ 1 named named 0 Sep 16 09:41 named.log
drwxrwx--- 2 named named 4096 Jan 17 2007 slaves
[root@test4 ~]#
[root@test4 ~]# ps -ef |grep named
named 2233 1 0 09:42 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
root 5176 5013 0 10:02 pts/4 00:00:00 grep named
[root@test4 ~]#
Quote:
In that case all your logs should be under /var/named/chroot/var/named/named.log
dns log files
I found the log files in this location. But why is this so? I mean, when I specify the exact location of the log file in named.conf, why are the log files created in this location? And what does it mean when named is running under a chroot environment, as you said? Or does it mean that when named services are running in a chroot jail, log files will only be created in the location you mentioned?
If I have to create log files in a different location as earlier, say /var/log/named.log, what do I have to do? Many thanks for resolving this query. I was stuck on this problem for the last week.
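
The ps output in this thread shows named started with -t /var/named/chroot, and a chrooted process resolves every absolute path, including the file destination of a logging channel, relative to that directory. The script below is an added example, not code from any poster in this thread; the function names are hypothetical, the sample command line and config are constructed from values shown above, and it assumes absolute log paths in a named.conf laid out one statement per line.

```shell
#!/bin/sh
# Added example (not from the thread): map log paths in named.conf to host paths
# when named runs chrooted. Absolute paths only; sample input is constructed.
# Print the directory given with -t on a named command line (empty if none).
named_chroot() {
    set -- $1                       # split the command line into words
    while [ $# -gt 0 ]; do
        case "$1" in
            -t)   printf '%s\n' "$2"; return 0 ;;
            -t?*) printf '%s\n' "${1#-t}"; return 0 ;;
        esac
        shift
    done
}

# Print each file "..." destination inside the logging { } block of a config file.
logging_files() {
    awk '
        /^[ \t]*logging[ \t]*[{]/ { in_log = 1 }
        in_log && match($0, /file[ \t]+"[^"]+"/) {
            s = substr($0, RSTART, RLENGTH)
            sub(/^file[ \t]+"/, "", s); sub(/"$/, "", s)
            print s
        }
        in_log && /^[}];/ { in_log = 0 }
    ' "$1"
}

# Prefix the chroot directory ($1, may be empty) to a path from named.conf ($2).
effective_path() {
    printf '%s%s\n' "${1%/}" "$2"
}

# Constructed sample: the ps command line and a cut-down logging block from the thread.
SAMPLE_CMD='/usr/sbin/named -u named -t /var/named/chroot'
SAMPLE_CONF=$(mktemp) && trap 'rm -f "$SAMPLE_CONF"' EXIT
cat > "$SAMPLE_CONF" <<'EOF'
zone "." IN { type hint; file "named.root"; };
logging {
    channel sachin_debug {
        file "/var/named/named.log" versions 3 size 5m;
    };
    category xfer-in { sachin_debug; };
};
EOF
root=$(named_chroot "$SAMPLE_CMD")
for f in $(logging_files "$SAMPLE_CONF"); do
    echo "named.conf: $f -> host: $(effective_path "$root" "$f")"
done
```

The directory that must exist and be writable by the named user is the parent of the host path the script prints, not the path as written in named.conf.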