9
/etc/apparmor.d/usr.sbin.named 

/var/log/bind9/** rw,
/var/log/bind9/ rw,

/etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        auth-nxdomain no;
        listen-on-v6 { any; };
        statistics-file "/var/cache/bind/named.stats";
        rrset-order {order cyclic;};
        allow-transfer { 127.0.0.1; };
};
logging {
        channel b_query {
                file "/var/log/bind9/query.log" versions 2 size 1m;
                print-time yes;
                severity info;
        };
        category queries { b_query; };
};

service bind9 status

isc_stdio_open '/var/log/bind9/query.log' failed: permission denied

I have already created bind9 in /var/log and added root:bind with permission 755

I have already restarted apparmor and bind9. Same error. What is wrong?

Mahesh
  • 263

3 Answers

15

On /etc/apparmor.d/usr.sbin.named

/var/log/named/** rw,
/var/log/named/ rw,

You must adjust permissions or dir here.

Some people like to put logs in /var/log/named/ instead of having syslog do the heavy lifting.

Eliah Kagan
  • 119,640
1

I tried to configure custom logging, "/var/log/named/log.files.names".

I tried everything that seemed reasonable to get rid of the error "isc_file_isplainfile '/var/log/named/default' failed: permission denied" by changing the file system permissions, without success. I then tried to make the named log files and directory executable and, I couldn't believe it, that fixed the permissions. Apparently bind needs to execute something using these files and/or directory.

owner=root:group=named and permissions are 775.

p.s: Zanna, you should take your own advice about editing other people's posts. Unless you absolutely know what they're trying to say and not thinking you know, even the most minuscule change you make in their grammar can profoundly change the meaning of their post.

ThomasJ
  • 11
1

I have already created bind9 in /var/log and added root:bind with permission 755

Instead of root:bind, bind:bind works.

Mahesh
  • 263
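
The two layers discussed in this thread, the AppArmor profile and the ownership and mode of the log directory, can be checked separately. The script below is an added example and is not part of any post above; its function names are hypothetical, its rule matching is a simplified model of AppArmor globbing, and it assumes named runs as user and group `bind` (or `named` in the second answer's setup).

```shell
#!/bin/sh
# Simplified models, not AppArmor's or the kernel's real matching logic.

# Print each path named in a  file "..."  clause of a named.conf logging block.
log_paths() {
    sed -n 's/^[[:space:]]*file[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# Succeed if profile $1 has a write rule covering path $2.
# Handles only exact-path rules and "dir/**" rules.
apparmor_allows_write() {
    while read -r rule perms; do
        case "$perms" in *w*) ;; *) continue ;; esac
        case "$rule" in
            */\*\*) prefix=${rule%\*\*}
                    case "$2" in "$prefix"?*) return 0 ;; esac ;;
            "$2")   return 0 ;;
        esac
    done < "$1"
    return 1
}

# Succeed if user $4 / group $5 can create files in a directory with
# 3-digit octal mode $1 owned by $2:$3. Creating a file needs both w and x.
can_create_in() {
    rest=${1#?}
    if   [ "$4" = "$2" ]; then digit=${1%??}      # owner class
    elif [ "$5" = "$3" ]; then digit=${rest%?}    # group class
    else                       digit=${rest#?}    # other class
    fi
    [ $(( digit & 3 )) -eq 3 ]
}

# Constructed sample input mirroring the question's settings.
tmp=$(mktemp -d)
printf '%s\n' '  /var/log/bind9/** rw,' '  /var/log/bind9/ rw,' > "$tmp/profile"
printf '%s\n' 'channel b_query {' \
    '    file "/var/log/bind9/query.log" versions 2 size 1m;' '};' > "$tmp/named.conf"

for p in $(log_paths "$tmp/named.conf"); do
    if apparmor_allows_write "$tmp/profile" "$p"
    then echo "apparmor allows write: $p"
    else echo "apparmor DENIES write: $p"
    fi
done
# Ownership from the question (root:bind 755) vs the last answer (bind:bind 755).
can_create_in 755 root bind bind bind || echo "root:bind 755: bind cannot create files"
can_create_in 755 bind bind bind bind && echo "bind:bind 755: bind can create files"
```

With the question's settings the profile check passes and the directory check fails, because mode 755 gives the `bind` group read and execute but not write on a directory owned by root.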