DNS 9.3 Ubuntu Linux 8.4 trouble rotating log files because of a permissions error.

I can't get my named.log files to rotate.  What do I need to do to make the log files rotate?
Line in my syslog file.
unable to rename log file '/var/log/named.log' to '/var/log/named.log.o': permission denied.

ls -al named.log returns -rw-rw-r-- bind  bind  named.log
ls -ald returns drwxr-xr-x root root for /var/log.  Should root be the owner and group here?


Here's a snip of my named.conf.local file.
// Beginning of Logging

logging {

channel audit_log {
      file "/var/log/named.log" versions 7 size 4m;
      severity debug 3;
      print-time yes;

};
channel xfer_in_log {
      file "/var/log/xferin.log" versions 7 size 4m;
      severity debug 3;
      print-time yes;
};

channel xfer_out_log {
      file "/var/log/xferout.log" versions 7 size 4m;
      severity debug 3;
      print-time yes;
};

category security { audit_log; };
category config { audit_log; };
category resolver { audit_log; };
category xfer-in { xfer_in_log; };
category xfer-out { xfer_out_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };

};

// End of logging.
Asked by: Westez
 
kblack05 Commented:
Go to /etc and create or edit the file

/etc/logrotate.conf

and add these lines:

/var/log/named/* {
daily
rotate 1
missingok
}

You will need to add an instance for each daemon you wish to run logrotate on, and make sure the /var/log directory in the config matches the directory that you wish to rotate, for example

/var/log/httpd/* {
daily
rotate 1
missingok
}

You can change these to other time frames; to learn more, issue 'man logrotate'.

Then try to run it manually with

sudo logrotate -vf /etc/logrotate.conf

If you still have a problem please post any error output from the manual run, as well as the output of

ls -al /var/log/directory_of_interest
0
 
kblack05 Commented:
Is your log rotator running as root? Or as nobody? You might need to add a 'sudo' statement to the front of the command line within the cron job.

0
 
Westez (Author) Commented:
How can you tell? I've looked at the /etc/logrotate.conf file and it's unmodified; I see the two stanzas in there for wtmp. It must be running because in /var/log I see wtmp being rotated. I ran a ps aux to list the running processes, and I don't recognize the log rotate process in the list. I'm using the book "A Practical Guide to Ubuntu Linux" by Mark Sobell as a guide. Page 875 has a statement that when the log file grows beyond 4 mb, it's renamed, and a new log is started. It makes no mention of the log rotator other than to say see page 684 for another way to maintain log files. I don't think the log rotator plays a part with the named log. Check me if I'm wrong. Do I need to add a stanza to logrotate.conf to manage the named logs?
Based on the book, I'm thinking named controls the rotation.
0
 
Westez (Author) Commented:
When I installed Ubuntu, I did the server install and chose to only install dns.  Also I just looked in /etc/logrotate.d to see if the dns install put anything in there and it's bare.  I'm currently reading https://help.ubuntu.com/community/LinuxLogFiles.
0
 
Westez (Author) Commented:
What about something like this in /etc/logrotate.d?  I created a file in that folder I named bind.  My path and filename for the log file is /var/log/bind/named.log.  Here's the contents of /etc/logrotate.d/bind.

/var/log/bind/named.log {
missingok
daily
create 644 bind bind
rotate 7
dateext
}



0
 
Westez (Author) Commented:
Looks like it's working, I ran the sudo logrotate -vf /etc/logrotate.conf command and here's the contents of /var/log/bind.  I'll check it in the morning and see what it looks like and get back to you.  


 /var/log/bind]# ls -al
total 14716
drwxr-xr-x  2 root root     4096 2009-04-21 16:33 .
drwxr-xr-x 11 root root     4096 2009-04-21 16:33 ..
-rw-r--r--  1 bind bind   140150 2009-04-21 16:38 named.log
-rw-r--r--  1 bind bind 14891325 2009-04-21 16:33 named.log-20090421
0
 
kblack05 Commented:
Good call on adding the chmod. I was trying to keep it basic to get it working.

Please do update me, and we'll just take it from there.

Have a good one.
0
 
Westez (Author) Commented:
Thanks for your help Expert, it got me through the tough spot.  Here's this morning's output, it's doing just what I want it to do.

-rw-r--r--  1 bind bind  4876036 2009-04-22 08:59 named.log
-rw-r--r--  1 bind bind 14891325 2009-04-21 16:33 named.log-20090421
-rw-r--r--  1 bind bind  3378703 2009-04-22 06:51 named.log-20090422.gz

Here's the stanza I've created.  This is for others who may be struggling with the same problem as I did.
/var/log/bind/named.log {
missingok
daily
create 644 bind bind
rotate 7
dateext
compress
}

0
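Added example, not part of the thread: rename needs write and search permission on the directory, not on the log file, which is why named (running as bind) could not roll /var/log/named.log through its own "versions" setting in a root-owned 755 /var/log, while logrotate run with sudo could rotate inside /var/log/bind. The function names and the bind-owned 750 directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): why a rename in a log directory fails
# for a non-root daemon. rename(2) needs write+search (w+x) permission on the
# DIRECTORY; the mode of the log file itself is irrelevant.

# can_rotate_in_dir MODE DIR_OWNER DIR_GROUP USER "USER_GROUPS"
#   MODE        octal directory mode as printed by `stat -c %a DIR` (e.g. 755)
#   USER_GROUPS space-separated groups of USER (e.g. from `id -Gn USER`)
# Returns 0 if USER may create/rename entries in the directory, 1 otherwise.
# The sticky bit, ACLs and mandatory access control (e.g. AppArmor) are not modelled.
can_rotate_in_dir() {
    mode=$1; dir_owner=$2; dir_group=$3; user=$4; user_groups=$5
    if [ "$user" = root ]; then
        return 0                      # root bypasses the mode bits
    fi
    perm=$(( 0$mode ))                # leading 0 makes the shell read it as octal
    if [ "$user" = "$dir_owner" ]; then
        bits=$(( (perm >> 6) & 7 ))   # owner triplet
    else
        case " $user_groups " in
            *" $dir_group "*) bits=$(( (perm >> 3) & 7 )) ;;  # group triplet
            *)                bits=$(( perm & 7 )) ;;         # other triplet
        esac
    fi
    [ $(( bits & 3 )) -eq 3 ]         # need both w (2) and x (1)
}

# report LABEL MODE DIR_OWNER DIR_GROUP USER "USER_GROUPS" (hypothetical helper)
report() {
    if can_rotate_in_dir "$2" "$3" "$4" "$5" "$6"; then
        echo "$1: $5 can rotate here"
    else
        echo "$1: $5 cannot rotate here (permission denied on rename)"
    fi
}

# Modes and owners of the first two cases come from the thread's ls output;
# the bind-owned directory is a constructed alternative.
report "/var/log 755 root:root, named as bind"          755 root root bind "bind"
report "/var/log/bind 755 root:root, logrotate as root" 755 root root root "root"
report "/var/log/bind 750 bind:bind (constructed)"      750 bind bind bind "bind"
```

On a live system, feed it real values from `stat -c '%a %U %G' DIR` and `id -Gn USER`.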
 
kblack05 Commented:
You are welcome, and I must compliment you on good form. Adding chmod to the config was a smart thing to do. Enjoy, and come back anytime!

Regards,

K Black
0
Question has a verified solution.
