Bug 167064 - bind does not log anything (almost) by default
bind does not log anything (almost) by default
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: bind (Show other bugs)
4
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-29 17:48 EDT by Florin Andrei
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-08-30 12:17:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Florin Andrei 2005-08-29 17:48:28 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
By default, pretty much all the important daemons (httpd, postfix, vsftpd...) are configured so that normal activity is logged, either to syslog or to a text file.

For some obscure reason, named is different, it is configured by default to log almost nothing. This is inconsistent with all other daemons.

Suggested addition to named.conf to enable logging:

logging {
  channel default_syslog {
    syslog local2;
    severity info;
  };

  category lame-servers {null;}; // don't log these ...
  category queries  {default_syslog;};
  category config   {default_syslog;};
  category security {default_syslog;};
};

Version-Release number of selected component (if applicable):
bind-9.3.1-10_FC4

How reproducible:
Always

Steps to Reproduce:
1.run named
2.
3.
  

Actual Results:  almost nothing is logged

Expected Results:  named should log queries and other events, pretty much like all other daemons do

Additional info:

The named.conf lines indicated above were copied from this page (and two typos were fixed):

http://www.hansenonline.net/Networking/bind.html
Comment 1 Jason Vas Dias 2005-08-29 18:27:55 EDT
In Rawhide, the initscript order of syslog and named would fix this problem:

# grep '^# chkconfig:' /etc/init.d/syslog
chkconfig: 2345 1 99
# grep '^# chkconfig:' /etc/init.d/named
chkconfig: 2345 11 89

It is better to fix this problem by starting syslog earlier rather than 
starting named later, so that named can be used as a resolver for all
network dependant programs.

I'll be submitting a new version of syslogd to FC4 updates with the changed
syslog.init script shortly.
Comment 2 Jason Vas Dias 2005-08-30 11:24:00 EDT

*** This bug has been marked as a duplicate of 167062 ***
Comment 3 Florin Andrei 2005-08-30 11:41:25 EDT
Jason, I disagree, this is not a duplicate of bug #167062

Bug #167062 says "even if you configure Bind to log to syslog, it will stop
logging after a reboot."

This bug says "other daemons are configured by default to log various things,
but Bind contains nothing by default in named.conf to trigger logging of normal
activity such as queries, etc."
In this bug report I was refering to the fact that Fedora ships with a
nameserver that does not log queries and things like that, per the default
named.conf, which is a different policy than the rest of the daemons.
See? Even if bug #167062 is fixed, this bug report says that Bind will still not
log anything (or almost) by default.
Comment 4 Jason Vas Dias 2005-08-30 12:17:03 EDT
OK, so your complaint here is that named does not log queries by default ?

By default, the bind package ships no named.conf file . A default named 
configuration comes from the caching-nameserver package, or from running
the system-config-bind package.

Very few BIND users would actually want to log every query the nameserver
responds to. Real world nameservers can process thousands of queries per
second and this would quickly fill up the /var/log partition.

The default logging { } configuration, activated by not specifying ANY
logging configuration in named.conf, is sufficient for most BIND users.

The logging configuration given above differs from the default ONLY in 
disabling the lame servers messages, in specifying the "local2" syslog
facility rather than the default "daemon", and in enabling query logging.

Query logging is useful for debug purposes, and can also be enabled / disabled
with the 'rndc querylog' command; by default, named will send query logging
output to syslog.

Most users also would want to know about lame servers; these messages 
are useful to point out broken BIND configurations and servers whose
responses should not be trusted. By default, these messages are also logged
to syslog.

By default, without any 'logging {}' configuration, named emits startup messages
(config and security info) and messages upon any error, which is sufficient for
most people.

In short, the default logging configuration is reasonable and sufficient for
the majority of uses and can easily be changed to suit specific requirements,
and this is 'NOTABUG'.

Note You need to log in before you can comment on or make changes to this bug.