[nsd-users] logs

José Luis Artuch zenbakaitz at speedy.com.ar
Thu Oct 24 12:46:16 UTC 2019 

Thanks Jeroen,

About permissions and owners:
For /var/log/nsd.log, the directory /var/log/ has 755 root:root
For /var/log/nsd/nsd.log, I created alternatively a directory
/var/log/nsd/ with permissions 664, 666 and 777, for both nsd and root
owners.
As for NSD user, in /etc/nsd/nsd.conf I have configured username: nsd.

cat /lib/systemd/system/nsd.service
[Unit]
Description=Name Server Daemon
Documentation=man:nsd(8)
After=network.target

[Service]
Type=notify
Restart=always
ExecStart=/usr/sbin/nsd -d
ExecReload=+/bin/kill -HUP $MAINPID
CapabilityBoundingSet=CAP_CHOWN CAP_IPC_LOCK CAP_NET_BIND_SERVICE
CAP_SETGID CAP_SETUID CAP_SYS_CHROOT
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
ReadWritePaths=/var/lib/nsd /etc/nsd /run
RuntimeDirectory=nsd
RestrictRealtime=true
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module mount
@obsolete @resources

[Install]
WantedBy=multi-user.target

I have done a fresh installation of Debian 10 and also rewrite each
configuration file.

A detail that I do not know if it can be important, previously NSD
worked on a 32-bit architecture computer and now is working on another
computer but with 64-bit architecture.

Best regards.
José Luis

El jue, 24-10-2019 a las 10:54 +0200, Jeroen Koekkoek escribió:
> Hi José,
> 
> What are the permissions of the /var/log/nsd.log directory and what
> user are you executing nsd as? Might be wise to check if the systemd
> unit has the same user configured.
> 
> Default unit file for nsd is located at
> /lib/systemd/system/nsd.service
> on Debian.
> 
> Another question: did you upgrade the Debian 9 machine to Debian 10
> or
> did you do a fresh install and copy the configuration file? Maybe the
> uid of the user on the Debian 9 machine doesn't match the nsd user on
> the Debian 10 machine?
> 
> Best regards,
> Jeroen
> 
> 
> On Wed, 2019-10-23 at 22:26 -0300, José Luis Artuch wrote:
> > El mié, 23-10-2019 a las 21:59 -0300, José Luis Artuch escribió:
> > > Am 23.10.19 um 21:25 schrieb José Luis Artuch:
> > > > Oct 23 15:46:13 dhcppc1 nsd[2401]: [2019-10-23 15:46:13.514]
> > > nsd[2401]:
> > > > error: Cannot open /var/log/nsd/nsd.log for appending (Read-
> > > > only
> > > > file
> > > > system)$
> > > > I would appreciate help on this topic.
> > > 
> > > 2 things coming to my mind:
> > >  - chroot enabled? -> nsd-checkconf -o chroot /path/to/nsd.conf
> > >  - systemd is doint unexpected stuff
> > > 
> > > Andreas
> > > 
> > 
> > Thanks Andreas,
> > The output of
> > /usr/sbin/nsd-checkconf -o chroot /etc/nsd/nsd.conf
> > is empty.
> > I don't know what tests to do with systemd.
> > José Luis
> > 
> > _______________________________________________
> > nsd-users mailing list
> > nsd-users at NLnetLabs.nl
> > https://open.nlnetlabs.nl/mailman/listinfo/nsd-users

More information about the nsd-users mailing list