From: Patrick Dung
To: Doug Barton, freebsd-isp@freebsd.org, freebsd-questions@freebsd.org
Cc: Patrick Dung
Date: Wed, 11 Jul 2007 06:14:47 -0700 (PDT)
Subject: Re: FreeBSD 6.2 default bind9, question about customize logging [re-post] (solved)
In-Reply-To: <46947AB8.809@FreeBSD.org>
Message-ID: <989377.60550.qm@web54305.mail.re2.yahoo.com>

--- Doug Barton wrote:

>
> On Sunday, 8 July 2007
> at 12:06:26 -0700, Patrick Dung wrote:
> >> I am using FreeBSD 6.2 with the default bind (not ports).
> >> By default chroot is used.
>
> It's not a major issue, but it's probably worth pointing out that
> whatever code base you use (base or ports) the behavior such as
> chroot, logging, etc. is controlled by the combination of
> /etc/rc.d/named and your named.conf options. Therefore this
> discussion applies equally well either way.

I use FreeBSD 6.2 with the named that comes with the base.

/etc/rc.conf

named_enable="YES"                  # Run named, the DNS server (or NO).
named_program="/usr/sbin/named"     # path to named, if you want a different one.
#named_flags=""                     # Flags for named
named_pidfile="/var/run/named/pid"  # Must set this in named.conf as well
named_uid="bind"                    # User to run named as
named_chrootdir="/var/named"        # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"       # Automatically install/update chrooted
                                    # components of named. See /etc/rc.d/named.
named_symlink_enable="YES"          # Symlink the chrooted pid file

>
> >> When named start or stop, it does have log in /var/log/messages.
> >> But for example, when some do domain transfer successfully, that is not
> >> logged (zone transfer denied is logged).
>
> I have intentionally avoided adding more complex logging to the
> default named.conf because it's very hard to decide which way to land
> on this to make the most people happy (and/or the least people mad).
> I am of course always open to suggestions. :)

I need to log successful domain transfers for debugging purposes (which
slave/client has done a domain transfer at what time).

>
> >> So I tried to add this part in named.conf (enabled local0.* in
> >> syslog.conf) , but still no luck. Any suggestions?
>
> The obvious ones, did you HUP the daemon after you changed the conf,
> and did you pre-create any new files that syslogd is supposed to
> write to for the local0 facility? Can you share your syslog.conf line
> for this?
> Do you get any joy when you try 'logger -plocal0.info blah' ?
>
> >> logging {
> >> channel named-log {
>
> While I don't see that it's explicitly forbidden to use a - in a
> channel name, every example I've ever seen or used myself uses an
> underscore instead (named_log).
>
> >> //syslog daemon;
> >> syslog local0;
> >> severity info;
> >> print-category yes;
> >> };
> >> category default { named-log; };
> >> category xfer-in { named-log; };
> >> category xfer-out { named-log; };
> >> category unmatched { null; };
> >> };
>
> This all looks good (modulo the - issue I mentioned above), and I use
> something similar myself, so once you're sure you can write to the
> syslog facility, you should be able to get this to work.
>
> I should probably also point out that unless you really need this to
> go to syslog, you're probably better off writing to a file channel
> instead (less overhead, especially on a busy server). Either way
> there is information in the ARM that will help you,
> /usr/share/doc/bind9/arm.
>

After further testing, I got my problem solved.

1. I found named-log is ok to use.
2. I did not need to change my previous named.conf.
3. The problem is in /etc/syslog.conf

With the default /etc/syslog.conf, I have added a line:

local0.* /var/log/messages

There is a difference on where I put it, if I put it at the bottom of
the file, even `logger -p local0.info test` will not work.
If I put that line on the top-most of syslog.conf, everything is working
fine...

BTW, could anyone explain why putting

local0.* /var/log/messages

at the bottom of syslog.conf will not work?

Regards
Patrick

>
> hth,
>
> Doug
>
> --
>
> This .signature sanitized for your protection
>
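
Added example, not part of the original message and not FreeBSD's own code: a simplified Python model of how syslogd scopes rules under the "!program" lines of syslog.conf(5), which is the usual reason a rule appended at the end of the file stays silent. It assumes the file ends with a program block such as "!ppp", as the stock FreeBSD syslog.conf does; the sample configuration and all function names are constructed for illustration.

```python
# Simplified model of FreeBSD syslog.conf(5) program blocks. Not modelled:
# "!prog1,prog2" lists, "!-prog" negation, "+host" blocks, "<"/">" comparisons.
LEVELS = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

# Constructed sample (not the poster's file): one global rule, then a program block.
BASE = """*.notice;authpriv.none;kern.debug  /var/log/messages
!ppp
*.*                                /var/log/ppp.log
"""
RULE = "local0.*                           /var/log/messages\n"
AT_TOP, AT_BOTTOM = RULE + BASE, BASE + RULE
RESET_THEN_RULE = BASE + "!*\n" + RULE   # "!*" returns to the global scope

def parse_rules(text):
    """Return (program_scope, selector, action) tuples; scope "*" = any program."""
    scope, rules = "*", []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("#!"):          # old-style spelling of "!prog"
            line = line[1:]
        if not line or line[0] in "#+-":   # blank, comment, or hostname block
            continue
        if line.startswith("!"):           # applies to every rule that follows
            scope = line[1:].strip() or "*"
            continue
        fields = line.split(None, 1)
        if len(fields) == 2:
            rules.append((scope, fields[0], fields[1].strip()))
    return rules

def level_matches(spec, level):
    if spec.startswith("="):               # "=info" means exactly that level
        return spec[1:] == level
    return spec == "*" or (spec != "none" and LEVELS.index(level) >= LEVELS.index(spec))

def destinations(text, program, facility, level):
    """Actions that a message from `program` at facility.level would reach."""
    hits = []
    for scope, selector, action in parse_rules(text):
        if scope not in ("*", program):
            continue
        matched = False
        for term in selector.split(";"):   # a later term overrides an earlier one
            facilities, _, spec = term.partition(".")
            if facilities == "*" or facility in facilities.split(","):
                matched = level_matches(spec, level)
        if matched:
            hits.append(action)
    return hits
```

In this model the appended rule belongs to the ppp block, so named's local0.info messages reach no destination; placing the rule above the first "!program" line, or writing "!*" before it, puts it back in the global scope.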