[nsd-users] NSD not logging to SYSLOG

W.C.A. Wijngaards wouter at nlnetlabs.nl
Mon Feb 17 09:14:09 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Cam,

On 02/16/2014 07:27 AM, cam wrote:
> Hi,
> 
> Running NSD on OpenBSD 5.4, I notice that nsd does not log to
> SYSLOG unless it is run on the command line with the "-d -V 9"
> flags.
> 
>> From the manpages:
> -l logfile Log messages to the specified logfile. The default is to
> log to stderr and syslog. If a zonesdir: is specified in the
> config file this path can be relative to that directory.
> 
> Running it as a normal daemon with "-V 2" flags should
> theoretically log to SYSLOG but it is not the case. When running,
> no socket file is created in the /var/nsd/dev/ directory (even if I
> changed the permission to _nsd:_nsd), is this normal?
> 
> Would appreciate any hint or help,

The chroot is likely the culprit.  With chroot: "" you disable that,
and try to see if that fixes the logging.

Syslog on OpenBSD may need something in the chroot to function
properly, perhaps as user root makedev a device node or open a
named-pipe in a directory and then tell syslog to connect to it; or
something along those lines.  If it does not have that, then NSD can
call the syslog call, but that routine cannot do anything.  Usually
this is performed by the rc.d/nsd startup scripts.  These scripts are
OS specific, and I guess the OpenBSD one does not setup the
prerequisites for syslog?

(That script should also setup for: timezone information (for printing
the time to the log), and randomness device (for entropy to see the
secure random generator); but again not all OSes need it because they
use a different implementation for those things).

Best regards,
   Wouter


> Cheers, cam
> 
> Some info: # nsd -v NSD version 3.2.15 Written by NLnet Labs.
> 
> Copyright (C) 2001-2011 NLnet Labs.  This is free software. There
> is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
> PARTICULAR PURPOSE.
> 
> # l /var/nsd/ total 28 drwxr-xr-x   7 root  wheel  512 Feb 16 11:29
> . drwxr-xr-x  25 root  wheel  512 Feb 16 11:23 .. drwxr-xr-x   2
> root  wheel  512 Feb 13 19:32 db drwxr-xr-x   2 root  wheel  512
> Jul 31  2013 dev drwxrwxr-x   2 root  _nsd   512 Feb 16 14:14 run 
> drwxr-xr-x   2 root  wheel  512 Jul 31  2013 zones
> 
> # cat /etc/nsd.conf server: ip-address: 0.0.0.0 port: 53 
> server-count: 1 statistics: 120 verbosity: 2 ip4-only: yes 
> hide-version: yes identity: "ns1.domain.tld" 
> _______________________________________________ nsd-users mailing
> list nsd-users at NLnetLabs.nl 
> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTAdLhAAoJEJ9vHC1+BF+NDEAP/AzI7A3MJr7O5WE/jehs8iaS
0WqpwOYeVhfUGuL3Bu1TGTPUOtBFp8arJSsrhue4hj5pQZ+RFJK1GPKElXz4uvih
sgpkKFJY/C4ec2QuecS/mVPUhQI7Io8qXOR+MbspIQ5A0CAJeSrxk/EXv5no5yHh
l06Odtg7OHnQhZvVjQ5j8TIH7Ogc+OyTTwL5joIX11gGOsBZZcpFLaED5Y3w7RrB
RNh+g5ygovfozCr5uUQvmx8LdId3oItIdKkAtdexZw2TQ8Pv4d3/u/EiDy1X1fwZ
JOWTrIoNMptbp18b53W8pFEWFln4XB1fTvap9bD8PHFL5SYenstXU0kedQ0M7i6N
wUmX8PSZayg2Y0hp7u0KDXwZkii1AZO9lOLXkNYUayg56F+qM5dx5EzI/sV/HzSH
Cpej0EC43+2CLvzJeyWqrNES443AIDi8oru694nTa5Cbun1q6POndFZueUBYTkJT
3Z59Tyox0eW7h5RQxLOTl8f4e+JDIhLYYyj8w0zrV883nM5dfv0tUcgb4IeQCkbU
SBGbJLbNhFFQzPPoYseLZiWq4XhWfOhuiz/hZCgXklqbPL2FhAwcU13isaoiuC59
UWcftQx0mv+OOwt6sd0pTEQbQiKRbdVw8TozVxv+bZu0x2UpJif0BGzQS7rVEMNl
SEuNWIoR/re5MelTdSfO
=XVTV
-----END PGP SIGNATURE-----

More information about the nsd-users mailing list