[CentOS] DNS Logging with Selinux enabled
Josh Donovan
josh.dvan at yahoo.co.ukWed Sep 10 09:11:25 UTC 2008
- Previous message: [CentOS] Re: Centos 4.7 delay more than mirror issue?
- Next message: [CentOS] DNS Logging with Selinux enabled
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I rebuilt my server and setup bind to log queries in a chroot.
################################################################################
# Logging Configuration
#
logging {
#
# Define channels for the two log files
#
channel query_log {
severity info;
print-time yes;
file "/var/log/query.log" versions 3 size 100M;
};
channel activity_log {
severity info;
print-time yes;
print-category yes;
print-severity yes;
file "/var/log/activity.log" versions 3 size 100M;
Below is the security context of the files in the chroot.
[root at josh log]# ls -alZ /var/named/chroot/var/log/activity.log
-rw-r--r-- named named root:object_r:named_conf_t /var/named/chroot/var/log/activity.log
[root at josh log]# ls -alZ /var/named/chroot/var/log/query.log
-rw-r--r-- named named root:object_r:named_conf_t /var/named/chroot/var/log/query.log
I temporarily disabled selinux but there was one simple step I missed (forgot since i did this years ago). I briefly recall creating a
symlink and/or using chcon or one of the selinux commands.
Thanks,
Josh
- Previous message: [CentOS] Re: Centos 4.7 delay more than mirror issue?
- Next message: [CentOS] DNS Logging with Selinux enabled
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list