I rebuilt my server and setup bind to log queries in a chroot.
################################################################################
# Logging Configuration
#
logging {
#
# Define channels for the two log files
#
channel query_log {
severity info;
print-time yes;
file "/var/log/query.log" versions 3 size 100M;
};
channel activity_log {
severity info;
print-time yes;
print-category yes;
print-severity yes;
file "/var/log/activity.log" versions 3 size 100M;
Below is the security context of the files in the chroot.
[root@josh log]# ls -alZ /var/named/chroot/var/log/activity.log
-rw-r--r-- named named root:object_r:named_conf_t /var/named/chroot/var/log/activity.log
[root@josh log]# ls -alZ /var/named/chroot/var/log/query.log
-rw-r--r-- named named root:object_r:named_conf_t /var/named/chroot/var/log/query.log
I temporarily disabled selinux but there was one simple step I missed (forgot since i did this years ago). I briefly recall creating a
symlink and/or using chcon or one of the selinux commands.
Thanks,
Josh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
