I want to change the logging behavior of Bind9 on my server (Ubuntu 14.04.4 LTS). I found an intuitive manual for this here: Help.Ubuntu. In their example they only changed the logging behavior for queries. I want to log everything (default) in a new logfile and also stop the current logging to /var/log/syslog.
I created a file /var/log/bind.log and changed the owner to the bind user (chown bind:bind /var/log/bind.log):
-rw-r--r-- 1 bind bind 0 Mär 8 11:56 bind.log
Then I changed /etc/bind/named.conf.local and added
    logging {
        channel query.log {
            file "/var/log/bind.log";
            // Log messages down to debug level 3.
            severity debug 3;
        };
        category default { query.log; };
    };
Then I first tried to only do a reload: "service bind9 reload". There was no error output, but nothing appeared in the log file. Then I did "service bind9 restart", but again (without any error message) no logs appeared in my file.
Does anyone have a clue what might have gone wrong? My first issues were that I wrote into /etc/named.conf and had wrong file permissions. There I always got errors like:
rndc: 'reload' failed: file not found
But after seeing that I had to use /etc/bind/named.conf.local, the errors disappeared. When using "service bind9 reload" I get the warning:
WARNING: key file (/etc/bind/rndc.key) exists, but using default configuration file (/etc/bind/rndc.conf)
but I do not think that the warning is related to my problem. What makes me sceptical is that neither /etc/named.conf nor /etc/bind/rndc.conf has any line that handles the current logging to my /var/log/syslog. Where is this handled? I expected to find some lines like:
    logging {
        category default { default_syslog; default_debug; };
        category unmatched { null; };
    };
But I could not find them anywhere.