[dnsdist] cache dnsdist not working for my setup

Markus Ehrlicher Markus.Ehrlicher at komsa.de
Wed Feb 10 05:53:28 UTC 2021 

Hi,

I am using version 1.5.1. Your comparison with your old version 1.3 are not helpfull in my opinion, because in the meanwhile, there were made severall security improvements, as you can see in the changelog (https://dnsdist.org/changelog.html).

For example:
1.4.0: More sandboxing using systemd's features
1.5.0: Don't start as root within a systemd environment

So, 1.3 and 1.5 are not comparable.

Best regards,
Markus


-----Ursprüngliche Nachricht-----
Von: dnsdist <dnsdist-bounces at mailman.powerdns.com> Im Auftrag von SAMI RAHAL via dnsdist
Gesendet: Dienstag, 9. Februar 2021 18:38
An: dnsdist at mailman.powerdns.com
Betreff: Re: [dnsdist] cache dnsdist not working for my setup

Thank you Pieter
But I encountered this problem when I installed version 1.5 with version 1.3 I don't have this problem here is my log configuration:
addAction(AllRule(), LogAction("/var/log/dnsdist.log", false, true, false)) thank you Markus , which version of dnsdist are you using ?




________________________________________
De : dnsdist <dnsdist-bounces at mailman.powerdns.com> de la part de dnsdist-request at mailman.powerdns.com <dnsdist-request at mailman.powerdns.com>
Envoyé : mardi 9 février 2021 13:00
À : dnsdist at mailman.powerdns.com
Objet : dnsdist Digest, Vol 66, Issue 12

Send dnsdist mailing list submissions to
        dnsdist at mailman.powerdns.com

To subscribe or unsubscribe via the World Wide Web, visit
        https://mailman.powerdns.com/mailman/listinfo/dnsdist
or, via email, send a message with subject or body 'help' to
        dnsdist-request at mailman.powerdns.com

You can reach the person managing the list at
        dnsdist-owner at mailman.powerdns.com

When replying, please edit your Subject line so it is more specific than "Re: Contents of dnsdist digest..."


Today's Topics:

   1. Re: cache dnsdist not working for my setup (Pieter Lexis)
   2. Re: cache dnsdist not working for my setup (Markus Ehrlicher)


----------------------------------------------------------------------

Message: 1
Date: Tue, 9 Feb 2021 10:24:42 +0100
From: Pieter Lexis <pieter.lexis at powerdns.com>
To: dnsdist at mailman.powerdns.com
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <1c384ba0-5146-4f21-bfff-801b4c66e1ba at powerdns.com>
Content-Type: text/plain; charset=utf-8

Hi,

On 2/9/21 9:41 AM, SAMI RAHAL via dnsdist wrote:
> I have adjusted access to the console, but now I have a problem with 
> the dnsdist log file
>
> Fatal Lua error: [string "chunk"]:164: Caught exception: Unable to 
> open file '/var/log/dnsdist.log' for logging: Permission denied
>
> ls -l /var/log/
> -rw-------  1 dnsdist dnsdist        0 Feb  8 03:21 dnsdist.log
> -rw-------  1 dnsdist dnsdist        0 Feb  7 19:59 dnsdist.log-20210208
>
>
> the log files are empty, I didn't have this problem before installing 
> version 1.5

dnsdist runs as the dnsdist user. 2 things might be the case

1. the /var/lib directory is not accessable to all users 2. a protection setting in the systemd service file might prevent thist (most likely ProtectSystem=full)

Have a look at what might be the culprit here.

--
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com


------------------------------

Message: 2
Date: Tue, 9 Feb 2021 10:03:41 +0000
From: Markus Ehrlicher <Markus.Ehrlicher at komsa.de>
To: "'dnsdist at mailman.powerdns.com'" <dnsdist at mailman.powerdns.com>
Subject: Re: [dnsdist] cache dnsdist not working for my setup
Message-ID: <7034235e27fa4916b300db5450ab55dc at komsa.de>
Content-Type: text/plain; charset="iso-8859-1"

Hi,

I think, I ran into the same problem ob Ubuntu 20.04. My solution was, to create an folder /var/log/dnsdist with write-permission to the _dnsdist-User and configured all logfiles for dnsdist to this location.

Best regards,
Markus

-----Urspr?ngliche Nachricht-----
Von: dnsdist <dnsdist-bounces at mailman.powerdns.com> Im Auftrag von Pieter Lexis via dnsdist
Gesendet: Dienstag, 9. Februar 2021 10:25
An: dnsdist at mailman.powerdns.com
Betreff: Re: [dnsdist] cache dnsdist not working for my setup

Hi,

On 2/9/21 9:41 AM, SAMI RAHAL via dnsdist wrote:
> I have adjusted access to the console, but now I have a problem with 
> the dnsdist log file
>
> Fatal Lua error: [string "chunk"]:164: Caught exception: Unable to 
> open file '/var/log/dnsdist.log' for logging: Permission denied
>
> ls -l /var/log/
> -rw-------  1 dnsdist dnsdist        0 Feb  8 03:21 dnsdist.log
> -rw-------  1 dnsdist dnsdist        0 Feb  7 19:59 dnsdist.log-20210208
>
>
> the log files are empty, I didn't have this problem before installing 
> version 1.5

dnsdist runs as the dnsdist user. 2 things might be the case

1. the /var/lib directory is not accessable to all users 2. a protection setting in the systemd service file might prevent thist (most likely ProtectSystem=full)

Have a look at what might be the culprit here.

--
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist


------------------------------

Subject: Digest Footer

_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist


------------------------------

End of dnsdist Digest, Vol 66, Issue 12
***************************************
_______________________________________________
dnsdist mailing list
dnsdist at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist

More information about the dnsdist mailing list