Your message dated Wed, 1 Sep 2010 05:30:12 -0600 with message-id <[email protected]> and subject line Re: Bug#595123: bind9: named fails to rename/rotate /var/log/named-auth.info has caused the Debian Bug report #595123, regarding bind9: named fails to rename/rotate /var/log/named-auth.info to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 595123: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595123 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: bind9 Version: 1:9.7.1.dfsg.P2-2 Severity: normal hello friends, thanks for packaging bind9. named is giving the following message: named[1956]: unable to rename log file '/var/log/named-auth.info' to \ '/var/log/named-auth.info.0': permission denied probably trying to rotate the log. maybe the intention was to use a private log directory for bind? best regards, alex -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bind9 depends on: ii adduser 3.112 add and remove users and groups ii bind9utils 1:9.7.1.dfsg.P2-2 Utilities for BIND ii debconf [debconf-2.0] 1.5.35 Debian configuration management sy ii libbind9-60 1:9.7.1.dfsg.P2-2 BIND9 Shared Library used by BIND ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libcap2 1:2.19-3 support for getting/setting POSIX. ii libdb4.8 4.8.26-1 Berkeley v4.8 Database Libraries [ ii libdns66 1:9.7.1.dfsg.P2-2 DNS Shared Library used by BIND ii libgssapi-krb5-2 1.8.3+dfsg~beta1-1 MIT Kerberos runtime libraries - k ii libisc60 1:9.7.1.dfsg.P2-2 ISC Shared Library used by BIND ii libisccc60 1:9.7.1.dfsg.P2-2 Command Channel Library used by BI ii libisccfg60 1:9.7.1.dfsg.P2-2 Config File Handling Library used ii libldap-2.4-2 2.4.17-2.1 OpenLDAP libraries ii liblwres60 1:9.7.1.dfsg.P2-2 Lightweight Resolver Library used ii libssl0.9.8 0.9.8o-2 SSL shared libraries ii libxml2 2.7.7.dfsg-4 GNOME XML library ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip ii net-tools 1.60-23 The NET-3 networking toolkit ii netbase 4.42 Basic TCP/IP networking system bind9 recommends no packages. Versions of packages bind9 suggests: pn bind9-doc <none> (no description available) ii dnsutils 1:9.7.1.dfsg.P2-2 Clients provided with BIND ii resolvconf 1.46 name server information handler pn ufw <none> (no description available) -- Configuration Files: /etc/bind/named.conf changed: // This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind9/README.Debian.gz for information on the // structure of BIND configuration files in Debian, *BEFORE* you customize // this configuration file. // // If you are just adding zones, please do that in /etc/bind/named.conf.local //include "/etc/bind/named.conf.options"; include "/var/run/bind/named.options"; // From the release notes: // Because many of our users are uncomfortable receiving undelegated answers // from root or top level domains, other than a few for whom that behaviour // has been trusted and expected for quite some length of time, we have now // introduced the "root-delegations-only" feature which applies delegation-only // logic to all top level domains, and to the root domain. An exception list // should be specified, including "MUSEUM" and "DE", and any other top level // domains from whom undelegated responses are expected and trusted. // root-delegation-only exclude { "DE"; "MUSEUM"; }; include "/etc/bind/named.conf.local"; /etc/bind/named.conf.local changed: // // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; include "/etc/bind/rndc.key"; acl internals { 192.168.2.0/24; 192.168.3.0/24; 192.168.4.0/24; 127.0.0.1; }; controls {inet 127.0.0.1 allow {localhost;} keys {rndc-key;}; }; view "internal" { match-clients { internals; }; recursion yes; // local network zone "resheteva.lan" IN { type master; file "db.resheteva.lan"; allow-transfer { internals; }; allow-update { key rndc-key; }; }; // reverse name resolution for local network zone "2.168.192.in-addr.arpa" { type master; file "db.192.168.2"; allow-transfer { internals; }; allow-update { key rndc-key; }; }; // internal virtual network in host alex3 zone "alex3.lan" IN { type master; file "db.alex3.lan"; allow-transfer { internals; }; allow-update { key rndc-key; }; }; // reverse name resolution for internal network zone "3.168.192.in-addr.arpa" { type master; file "db.192.168.3"; allow-transfer { internals; }; allow-update { key rndc-key; }; }; zone "fimo.org.il" { type master; file "db.fimo.org.il"; allow-transfer { none; }; allow-update { none; }; }; zone "baalbait.net" { type master; file "db.baalbait.net"; allow-transfer { none; }; allow-update { none; }; }; // zone "resheteva.org" { // type master; // file "db.resheteva.org"; // allow-transfer { none; }; // allow-update { none; }; // }; }; view "default" { // match-clients { any; }; // recursion yes; // prime the server with knowledge of the root servers zone "." { type hint; file "/etc/bind/db.root"; }; // be authoritative for the localhost forward and reverse zones, and for // broadcast zones as per RFC 1912 zone "localhost" { type master; file "/etc/bind/db.local"; }; zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; }; zone "0.in-addr.arpa" { type master; file "/etc/bind/db.0"; }; zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; }; // zone "com" { type delegation-only; }; // zone "net" { type delegation-only; }; }; //end view "default" logging { channel update_debug { syslog daemon; severity debug 3; // severity info; print-category yes; print-severity yes; print-time yes; }; channel security_info { file "/var/log/named-auth.info" versions 10 size 512k; severity info; print-category yes; print-severity yes; print-time yes; }; category update { update_debug; }; category security { security_info; }; category resolver { security_info; }; }; /etc/network/if-down.d/bind9 changed: echo "down $0" if [ ! -d /usr/sbin ]; then exit 0 fi rndc reconfig >/dev/null 2>&1 || true exit 0 /etc/network/if-up.d/bind9 changed: echo $0 if [ ! -d /usr/sbin ]; then exit 0 fi rndc reconfig >/dev/null 2>&1 || true exit 0 /etc/ppp/ip-up.d/bind9 changed: if [ ! -d /usr/sbin ]; then exit 0 fi rndc reconfig >/dev/null 2>&1 || true /etc/init.d/bind9 reload exit 0 -- debconf information: bind9/different-configuration-file: bind9/run-resolvconf: false bind9/start-as-user: bind
--- End Message ---
--- Begin Message ---On Wed, Sep 01, 2010 at 11:48:08AM +0300, alex bodnaru wrote: > named is giving the following message: > named[1956]: unable to rename log file '/var/log/named-auth.info' to \ > '/var/log/named-auth.info.0': permission denied > probably trying to rotate the log. > maybe the intention was to use a private log directory for bind? > channel security_info { > file "/var/log/named-auth.info" If you tell BIND to write to a directory, you need to make sure it has permission to do so. lamont
--- End Message ---
