Dan Horth wrote:
> Hi - I set up our named server on one of our test servers in a chroot
> jail over the weekend in our ongoing effort to tighten security as
> much as possible, and have noticed a strange thing - in that named is
> logging all its info to the syslog at a different time to the rest
> of the stuff being logged to the syslog.
>
> As far as I can tell named is logging its entries in UTC while the
> rest of the entries are in the local (UTC + 11) timezone.
>
> ie:
>
> Oct 30 11:50:41 guineapig sshd[408]: Generating new 768 bit RSA key.
> Oct 30 11:50:41 guineapig sshd[408]: RSA key generation complete.
> Oct 30 00:51:21 guineapig named[21198]: ns_resp: query(yahoo.co.uk)
> NS points to CNAME
> Oct 30 01:06:10 guineapig named[21198]: Cleaned cache of 181 RRsets
> Oct 30 12:08:27 guineapig afpd[27265]: logout
> Oct 30 12:08:27 guineapig afpd[27265]: 92.76KB read, 45.49KB written
> Oct 30 12:08:27 guineapig PAM_pwdb[27265]: (netatalk) session closed
> for user bernie
> Oct 30 12:08:27 guineapig afpd[615]: server_child[1] 27265 done
> Oct 30 02:06:10 guineapig named[21198]: Cleaned cache of 177 RRsets
> Oct 30 13:12:10 guineapig xntpd[423]: time reset (step) 0.404254 s
> Oct 30 13:12:10 guineapig xntpd[423]: synchronisation lost
> Oct 30 13:17:31 guineapig xntpd[423]: synchronized to 129.120.3.9, stratum=3
> Oct 30 03:06:10 guineapig named[21198]: Cleaned cache of 90 RRsets
>
> This only started happening since I set up the chroot jail - I'm
> guessing it has to do with the /chroothome/bind/dev/log device node
> thingy I had to set up as part of the chrooting process:
>
> srw-rw-rw- 1 bind bind 0 Oct 29 22:54 /chroothome/bind/dev/log
>
> and this entry in /etc/rc.d/init.d/syslog to start syslog paying
> attention to the new log device node thing:
>
> daemon syslogd -m 0 -a /chroothome/bind/dev/log
>
> Does anyone know what might be going on here?
My guess, and it is just a guess, is that named cannot find any time zone
information since it is chrooted. Can you give it a copy of /etc/localtime or
whatever the program needs to be able to tell where it is?
Bret
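
One way to confirm from the log itself which daemon is stamping its messages in UTC (an added example, not part of the original thread): syslogd appends lines in arrival order, so if shifting one program's timestamps by the host's UTC offset removes the backwards jumps, that program is the one logging without time zone data. The function names and the assumed year are illustrative; the sample lines are taken from the excerpt in the post, with wrapped lines rejoined.

```python
import re
from datetime import datetime, timedelta

# Classic syslog line: "Oct 30 00:51:21 host prog[pid]: message"
LINE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ ([^\s\[:]+)(?:\[\d+\])?: ")

# Log lines from the post above (subset, wrapped lines rejoined).
SAMPLE = """\
Oct 30 11:50:41 guineapig sshd[408]: RSA key generation complete.
Oct 30 00:51:21 guineapig named[21198]: ns_resp: query(yahoo.co.uk) NS points to CNAME
Oct 30 01:06:10 guineapig named[21198]: Cleaned cache of 181 RRsets
Oct 30 12:08:27 guineapig afpd[27265]: logout
Oct 30 12:08:27 guineapig PAM_pwdb[27265]: (netatalk) session closed for user bernie
Oct 30 12:08:27 guineapig afpd[615]: server_child[1] 27265 done
Oct 30 02:06:10 guineapig named[21198]: Cleaned cache of 177 RRsets
Oct 30 13:12:10 guineapig xntpd[423]: synchronisation lost
Oct 30 03:06:10 guineapig named[21198]: Cleaned cache of 90 RRsets
""".splitlines()

def parse(lines, year=2000):
    """Return (timestamp, program) pairs; syslog omits the year, so one is assumed."""
    events = []
    for line in lines:
        m = LINE.match(line)
        if m:  # lines that do not look like syslog entries are skipped
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((ts, m.group(2)))
    return events

def inversions(stamps):
    """Count adjacent pairs where the file order goes backwards in time."""
    return sum(1 for a, b in zip(stamps, stamps[1:]) if b < a)

def utc_loggers(lines, local_utc_offset_hours):
    """Programs whose lines fit the stream better once shifted from UTC to local time."""
    events = parse(lines)
    shift = timedelta(hours=local_utc_offset_hours)
    baseline = inversions([ts for ts, _ in events])
    flagged = []
    for prog in sorted({p for _, p in events}):
        shifted = [ts + shift if p == prog else ts for ts, p in events]
        if inversions(shifted) < baseline:
            flagged.append(prog)
    return flagged

if __name__ == "__main__":
    print(utc_loggers(SAMPLE, 11))  # host is UTC+11 in the post
```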