Date: Tue, 21 Nov 2017 09:34:19 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Alexander Zagrebin <alex@zagrebin.ru> Cc: freebsd-net@freebsd.org, Andriy Gapon <avg@FreeBSD.org> Subject: Re: local_unbound, resolvconf, vpn Message-ID: <86po8c6nec.fsf@desk.des.no> In-Reply-To: <20171121094527.0952f3b9@vm2.home.zagrebin.ru> (Alexander Zagrebin's message of "Tue, 21 Nov 2017 09:45:27 %2B0300") References: <5689438f-6734-6b57-b700-d70ee2b7578a@FreeBSD.org> <86a7zq8er7.fsf@desk.des.no> <8a098542-9f04-3a41-76f1-e463e3e89c99@FreeBSD.org> <86y3n16mez.fsf@desk.des.no> <37f97bc5-5187-2700-5811-a9cf173eeb10@FreeBSD.org> <86tvxp6jja.fsf@desk.des.no> <20171121094527.0952f3b9@vm2.home.zagrebin.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander Zagrebin <alex@zagrebin.ru> writes: > Also I have to notice that there is another issue with the default > local_unbound setup: > by default unbound uses syslog for logging, but usually the > local_unbound service starts before syslogd and so logging doesn't work > until local_unbound will be reloaded. That's a chicken-and-egg problem since syslogd may need DNS to log to an external aggregator. > So it's looks reasonable to use logging to file by default. No, it's not reasonable. We have syslogd for a reason. What we need to do is give unbound its own log socket inside the chroot, as we used to do for named: 1) Have local-unbound-setup edit /var/run/syslogd.sockets if necessary. 2) Edit log_init() in contrib/unbound/util/log.c so it notices if the log socket is inside the chroot and does the right thing (including but not limited to rewriting the socket path and not using NDELAY). This should be sufficient since syslog() will retry openlog() every time you call it, so it doesn't matter if the log socket isn't present or connected when Unbound starts, as long as it's reachable from within the chroot when it does appear. Log messages emitted before syslogd starts will go to the console, so they won't be lost. For bonus points, modify syslogd so log sockets can be specified in syslog.conf instead of (or in addition to) being passed on the command line. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86po8c6nec.fsf>