Thread: Re: FreeBSD 6.2 default bind9, question about customize logging (solved)

Re: FreeBSD 6.2 default bind9, question about customize logging (solved)
Hong Kong | 2007-07-11 08:14:47
--- Doug Barton <dougb FreeBSD.org> wrote:
> > On Sunday, 8 July 2007 at 12:06:26 -0700, Patrick Dung wrote:
> >> I am using FreeBSD 6.2 with the default bind (not ports).
> >> By default chroot is used.
>
> It's not a major issue, but it's probably worth pointing out that
> whatever code base you use (base or ports) the behavior such as
> chroot, logging, etc. is controlled by the combination of
> /etc/rc.d/named and your named.conf options. Therefore this discussion
> applies equally well either way.

I use FreeBSD 6.2 with the named that comes with the base.

/etc/rc.conf
named_enable="YES"                 # Run named, the DNS server (or NO).
named_program="/usr/sbin/named"    # path to named, if you want a different one.
#named_flags=""                    # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind"                   # User to run named as
named_chrootdir="/var/named"       # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"      # Automatically install/update chrooted
                                   # components of named. See /etc/rc.d/named.
named_symlink_enable="YES"         # Symlink the chrooted pid file

>
> >> When named start or stop, it does have log in /var/log/messages.
> >> But for example, when some do domain transfer successfully, that is not
> >> logged (zone transfer denied is logged).
>
> I have intentionally avoided adding more complex logging to the
> default named.conf because it's very hard to decide which way to land
> on this to make the most people happy (and/or the least people mad). I
> am of course always open to suggestions.

I need to log successful domain transfer for debugging purpose (which
slave/client has done domain transfer at what time).

>
> >> So I tried to add this part in named.conf (enabled local0.* in
> >> syslog.conf) , but still no luck. Any suggestions?
>
> The obvious ones, did you HUP the daemon after you changed the conf,
> and did you pre-create any new files that syslogd is supposed to write
> to for the local0 facility? Can you share your syslog.conf line for
> this? Do you get any joy when you try 'logger -plocal0.info blah' ?
>
> >> logging {
> >>     channel named-log {
>
> While I don't see that it's explicitly forbidden to use a - in a
> channel name, every example I've ever seen or used myself uses an
> underscore instead (named_log).
>
> >>         //syslog daemon;
> >>         syslog local0;
> >>         severity info;
> >>         print-category yes;
> >>     };
> >>     category default { named-log; };
> >>     category xfer-in { named-log; };
> >>     category xfer-out { named-log; };
> >>     category unmatched { null; };
> >> };
>
> This all looks good (modulo the - issue I mentioned above), and I use
> something similar myself, so once you're sure you can write to the
> syslog facility, you should be able to get this to work.
>
> I should probably also point out that unless you really need this to
> go to syslog, you're probably better off writing to a file channel
> instead (less overhead, especially on a busy server). Either way there
> is information in the ARM that will help you,
> /usr/share/doc/bind9/arm.
>

After further testing, I got my problem solved.
1. I found named-log is ok to use.
2. I did not need to change my previous named.conf.
3. The problem is in /etc/syslog.conf

With the default /etc/syslog.conf, I have added a line:
local0.*        /var/log/messages
There is a difference on where I put it, if I put it at the bottom of
the file, even `logger -p local0.info test` will not work.
If I put that line on the top-most of syslog.conf, everything is
working fine...

BTW, could anyone explain why putting local0.* /var/log/messages at the
bottom of syslog.conf will not work?

Regards
Patrick

>
> hth,
>
> Doug
>
> --
>
> This .signature sanitized for your protection
>
_______________________________________________
freebsd-isp freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe freebsd.org"

Re: FreeBSD 6.2 default bind9, question about customize logging (solved)
United States | 2007-07-11 20:26:25
hi,

I am not sure why local0 would not work at the bottom of the file,
maybe some sort of rules - first come, first serve

but, sorry, I forgot to mention my syslog.conf file along with
named.conf file

!named
*.*        /var/log/bind/named.log

this is what I got, but I don't like to log named instances into
/var/log/messages

On Jul 11, 2007, at 8:14 AM, Patrick Dung wrote:
>
> --- Doug Barton <dougb FreeBSD.org> wrote:
>
>>> On Sunday, 8 July 2007 at 12:06:26 -0700, Patrick Dung wrote:
>>>> I am using FreeBSD 6.2 with the default bind (not ports).
>>>> By default chroot is used.
>>
>> It's not a major issue, but it's probably worth pointing out that
>> whatever code base you use (base or ports) the behavior such as
>> chroot, logging, etc. is controlled by the combination of
>> /etc/rc.d/named and your named.conf options. Therefore this discussion
>> applies equally well either way.
>
> I use FreeBSD 6.2 with the named that comes with the base.
>
> /etc/rc.conf
> named_enable="YES"                 # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named"    # path to named, if you want a different one.
> #named_flags=""                    # Flags for named
> named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
> named_uid="bind"                   # User to run named as
> named_chrootdir="/var/named"       # Chroot directory (or "" not to auto-chroot it)
> named_chroot_autoupdate="YES"      # Automatically install/update chrooted
>                                    # components of named. See /etc/rc.d/named.
> named_symlink_enable="YES"         # Symlink the chrooted pid file
>
>>
>>>> When named start or stop, it does have log in /var/log/messages.
>>>> But for example, when some do domain transfer successfully, that is not
>>>> logged (zone transfer denied is logged).
>>
>> I have intentionally avoided adding more complex logging to the
>> default named.conf because it's very hard to decide which way to land
>> on this to make the most people happy (and/or the least people mad). I
>> am of course always open to suggestions.
>
> I need to log successful domain transfer for debugging purpose (which
> slave/client has done domain transfer at what time).
>
>>
>>>> So I tried to add this part in named.conf (enabled local0.* in
>>>> syslog.conf) , but still no luck. Any suggestions?
>>
>> The obvious ones, did you HUP the daemon after you changed the conf,
>> and did you pre-create any new files that syslogd is supposed to write
>> to for the local0 facility? Can you share your syslog.conf line for
>> this? Do you get any joy when you try 'logger -plocal0.info blah' ?
>>
>>>> logging {
>>>>     channel named-log {
>>
>> While I don't see that it's explicitly forbidden to use a - in a
>> channel name, every example I've ever seen or used myself uses an
>> underscore instead (named_log).
>>
>>>>         //syslog daemon;
>>>>         syslog local0;
>>>>         severity info;
>>>>         print-category yes;
>>>>     };
>>>>     category default { named-log; };
>>>>     category xfer-in { named-log; };
>>>>     category xfer-out { named-log; };
>>>>     category unmatched { null; };
>>>> };
>>
>> This all looks good (modulo the - issue I mentioned above), and I use
>> something similar myself, so once you're sure you can write to the
>> syslog facility, you should be able to get this to work.
>>
>> I should probably also point out that unless you really need this to
>> go to syslog, you're probably better off writing to a file channel
>> instead (less overhead, especially on a busy server). Either way there
>> is information in the ARM that will help you,
>> /usr/share/doc/bind9/arm.
>>
>
> After further testing, I got my problem solved.
> 1. I found named-log is ok to use.
> 2. I did not need to change my previous named.conf.
> 3. The problem is in /etc/syslog.conf
>
> With the default /etc/syslog.conf, I have added a line:
> local0.*        /var/log/messages
> There is a difference on where I put it, if I put it at the bottom of
> the file, even `logger -p local0.info test` will not work.
> If I put that line on the top-most of syslog.conf, everything is
> working fine...
>
> BTW, could anyone explain why putting local0.* /var/log/messages at
> the bottom of syslog.conf will not work?
>
> Regards
> Patrick
>
>>
>> hth,
>>
>> Doug
>>
>> --
>>
>> This .signature sanitized for your protection
>>
>
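
Added example, not part of either post: per syslog.conf(5) on FreeBSD, a `!program` line (such as the `!named` block shown in the reply) scopes every rule below it to that program until the next program line, and `!*` resets the scope, so a rule appended under a program block only matches that program's messages. The script below reports the effective scope of a rule; the function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Print "program<TAB>selector<TAB>action" for every rule in a
# syslog.conf-style file. "*" as the program means "any program".
syslog_scopes() {
    awk '
        BEGIN { prog = "*" }
        # "!prog" or "#!prog" starts a new program block
        /^#?!/ {
            p = $0; sub(/^#?![ \t]*/, "", p); sub(/[ \t]+$/, "", p)
            prog = p; next
        }
        /^[ \t]*(#|$)/ { next }   # comments and blank lines
        /^[+-]/ { next }          # hostname specifications are not tracked here
        { printf "%s\t%s\t%s\n", prog, $1, $2 }
    ' "$1"
}

# Print the program scope that applies to one selector ($2) in file $1.
rule_scope() {
    syslog_scopes "$1" | awk -F '\t' -v sel="$2" '$2 == sel { print $1 }'
}

demo_dir=$(mktemp -d)

# Constructed sample: the local0 rule is appended after a program block.
cat > "$demo_dir/bottom.conf" <<'EOF'
*.notice;authpriv.none   /var/log/messages
!ppp
*.*                      /var/log/ppp.log
local0.*                 /var/log/messages
EOF

# Constructed sample: same rule, with the program filter reset first.
cat > "$demo_dir/reset.conf" <<'EOF'
*.notice;authpriv.none   /var/log/messages
!ppp
*.*                      /var/log/ppp.log
!*
local0.*                 /var/log/messages
EOF

rule_scope "$demo_dir/bottom.conf" 'local0.*'   # prints: ppp
rule_scope "$demo_dir/reset.conf"  'local0.*'   # prints: *
```

Running `syslog_scopes /etc/syslog.conf` on a real host shows at a glance whether a facility rule intended for all programs has ended up inside a program block.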