Chapter 10. Customizing BIND logging
As an Identity Management (IdM) administrator, you can improve visibility and maintain security by customizing where BIND writes its logs and ensuring SELinux allows access to those custom paths.
10.1. Customizing the BIND log path
You can customize the path to your BIND logs by using the ipa-logging-ext.conf file.
Procedure
Open the ipa-logging-ext.conf file in the /etc/named/ directory and add or modify a logging channel with your file path.
Restart the BIND server:
# systemctl restart named
10.2. Extending SELinux policy for BIND custom logging
You can extend the SELinux policy to include the BIND logs.
Procedure
Create a log directory:
# mkdir -p /var/log/named
# chown named:named /var/log/named
# chmod 750 /var/log/named
Assign the named_log_t SELinux context to the new directory and the log file:
# semanage fcontext -a -t named_log_t "/var/log/named(/.*)?"
# restorecon -Rv /var/log/named
Restart the BIND server:
# systemctl restart named
Verification
Display your custom log file:
$ tail -f /var/log/named/ipa_dns_queries.log
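The ownership, mode and SELinux type set in the procedure above can be audited before named is restarted. The following script is an added example, not part of the original procedure; the function names and the script name are hypothetical, and it assumes GNU stat, whose %C format prints the SELinux context.

```shell
#!/bin/sh
# Added example: audit the custom BIND log directory before restarting named.
# Expected values are the ones set in the procedure above.
WANT_OWNER="named:named"
WANT_MODE="750"
WANT_TYPE="named_log_t"

# Print the type field of an SELinux context (user:role:type:level).
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# audit_values OWNER:GROUP MODE CONTEXT
# Prints one line per mismatch and returns the number of mismatches.
audit_values() {
    problems=0
    if [ "$1" != "$WANT_OWNER" ]; then
        echo "owner is '$1', expected '$WANT_OWNER'"
        problems=$((problems + 1))
    fi
    if [ "$2" != "$WANT_MODE" ]; then
        echo "mode is '$2', expected '$WANT_MODE'"
        problems=$((problems + 1))
    fi
    if [ "$(selinux_type "$3")" != "$WANT_TYPE" ]; then
        echo "SELinux context is '$3', expected type '$WANT_TYPE'"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# audit_dir PATH: read the live values with GNU stat and audit them.
# A path that is missing or has no SELinux label yields empty values,
# which are reported as mismatches.
audit_dir() {
    audit_values "$(stat -c '%U:%G' "$1" 2>/dev/null)" \
                 "$(stat -c '%a' "$1" 2>/dev/null)" \
                 "$(stat -c '%C' "$1" 2>/dev/null)"
}

# Usage: sh audit-named-log.sh /var/log/named   (script name is hypothetical)
if [ -n "${1:-}" ]; then
    if audit_dir "$1"; then
        echo "OK: $1 matches the procedure"
    else
        echo "Fix the items above, then restart named" >&2
    fi
fi
```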