Ubuntu
bind9 package

BIND 9.4.2 permission denied for custom log files

Bug #235792 reported by binary.koala
4
Affects Status Importance Assigned to Milestone
bind9 (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: bind9

when creating custom log file configuration described in https://help.ubuntu.com/community/BIND9ServerHowto#head-44482c079ef8876038306d99db040e1fcb9ea535 BIND can't write to that file:

danja@blast:/var/log$ tail /var/log/daemon.log
May 29 17:54:44 blast named[11204]: logging channel 'query' file '/var/log/query.log': permission denied
May 29 17:54:44 blast named[11204]: isc_log_open '/var/log/query.log' failed: permission denied

however permissions are set right:

danja@blast:/var/log$ ls /var/log/query.log -la
-rw-r--r-- 1 bind root 0 2008-05-29 17:26 /var/log/query.log

my current bind package is:
danja@blast:/var/log$ apt-cache policy bind9
bind9:
  Installed: 1:9.4.2-10
  Candidate: 1:9.4.2-10
  Version table:
 *** 1:9.4.2-10 0
        500 http://nl.archive.ubuntu.com hardy/main Packages
        100 /var/lib/dpkg/status

Ubuntu:
danja@blast:/var/log$ lsb_release -rd
Description: Ubuntu 8.04
Release: 8.04

Somewhat this error seems similar to SELinux: http://www.isc.org/index.pl?/sw/bind/FAQ.php
(search for "custom logs")

Revision history for this message
Mathias Gug (mathiaz) wrote :

If you're using custom log files, you'll need to update the named AppArmor profile.

See https://wiki.ubuntu.com/DebuggingApparmor for more information about AppArmor profiles.

Changed in bind9:
status: New → Invalid
Revision history for this message
binary.koala (binary-koala) wrote :

right...
too bad i did not read about it anywhere before filling it as a bug.

adding "/var/log/named/** rw," to
/etc/apparmor.d/usr.sbin.named

made BIND able to write to respected dir.

thanks!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.