Date:      Wed, 11 Jul 2007 06:14:47 -0700 (PDT)
From:      Patrick Dung <patrick_dkt@yahoo.com.hk>
To:        Doug Barton <dougb@FreeBSD.org>, freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
Cc:        Patrick Dung <patrick_dkt@yahoo.com.hk>
Subject:   Re: FreeBSD 6.2 default bind9, question about customize logging [re-post] (solved)
Message-ID:  <989377.60550.qm@web54305.mail.re2.yahoo.com>
In-Reply-To: <46947AB8.809@FreeBSD.org>


--- Doug Barton <dougb@FreeBSD.org> wrote:

> > On Sunday,  8 July 2007 at 12:06:26 -0700, Patrick Dung wrote:
> >> I am using FreeBSD 6.2 with the default bind (not ports).
> >> By default chroot is used.
> 
> It's not a major issue, but it's probably worth pointing out that
> whatever code base you use (base or ports) the behavior such as
> chroot, logging, etc. is controlled by the combination of
> /etc/rc.d/named and your named.conf options. Therefore this discussion
> applies equally well either way.

I use FreeBSD 6.2 with the named that comes with the base.

/etc/rc.conf
named_enable="YES"               # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
#named_flags=""                 # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind"                # User to run named as
named_chrootdir="/var/named"    # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"   # Automatically install/update chrooted
                                # components of named. See /etc/rc.d/named.
named_symlink_enable="YES"      # Symlink the chrooted pid file

> 
> >> When named starts or stops, it does have a log entry in /var/log/messages.
> >> But for example, when someone does a domain transfer successfully, that is
> >> not logged (zone transfer denied is logged).
> 
> I have intentionally avoided adding more complex logging to the
> default named.conf because it's very hard to decide which way to land
> on this to make the most people happy (and/or the least people mad). I
> am of course always open to suggestions. :)

I need to log successful domain transfers for debugging purposes (which
slave/client has done a domain transfer at what time).

> 
> >> So I tried to add this part in named.conf (enabled local0.* in
> >> syslog.conf) , but still no luck. Any suggestions?
> 
> The obvious ones, did you HUP the daemon after you changed the conf,
> and did you pre-create any new files that syslogd is supposed to write
> to for the local0 facility? Can you share your syslog.conf line for
> this? Do you get any joy when you try 'logger -plocal0.info blah' ?
> 
> >> logging {
> >>         channel named-log {
> 
> While I don't see that it's explicitly forbidden to use a - in a
> channel name, every example I've ever seen or used myself uses an
> underscore instead (named_log).
> 
> >>                 //syslog daemon;
> >>                 syslog local0;
> >>                 severity info;
> >>                 print-category yes;
> >>         };
> >>      category default { named-log; };
> >>      category xfer-in { named-log; };
> >>      category xfer-out { named-log; };
> >>      category unmatched { null; };
> >> };
> 
> This all looks good (modulo the - issue I mentioned above), and I use
> something similar myself, so once you're sure you can write to the
> syslog facility, you should be able to get this to work.
> 
> I should probably also point out that unless you really need this to
> go to syslog, you're probably better off writing to a file channel
> instead (less overhead, especially on a busy server). Either way there
> is information in the ARM that will help you, /usr/share/doc/bind9/arm.
> 

After further testing, I got my problem solved.
1. I found named-log is ok to use.
2. I did not need to change my previous named.conf.
3. The problem is in /etc/syslog.conf

With the default /etc/syslog.conf, I have added a line:
local0.*                                        /var/log/messages
It makes a difference where I put it: if I put it at the bottom of
the file, even `logger -p local0.info test` will not work.
If I put that line at the very top of syslog.conf, everything
works fine...

BTW, could anyone explain why putting local0.* /var/log/messages at the
bottom of syslog.conf will not work?

Regards
Patrick

> 
> hth,
> 
> Doug
> 
> -- 
> 
>     This .signature sanitized for your protection
> 



       