Post 9ohO8MFWcns8KBXXHs by hcs@pleroma.site
(DIR) More posts by hcs@pleroma.site
(DIR) Post #9ohO8KOJX9iKYrdWi0 by galaxis@mastodon.infra.de
2019-11-06T21:56:48Z
0 likes, 0 repeats
I deleted my previous rant about the Debian systemd configuration for NLnet nsd, since I'm not sure the explanation for not being able to write a log file (derived from some forum post) is correct.I rewired nsd.service to use Type=forking and nsd-control for ExecStart etc., but the log stil can't be written.So I assume it's one of the protection settings in the unit file, but I don't know enough about those.What did work was to add a "LogsDirectory=nsd" statement and use /var/log/nsd/nsd.log
(DIR) Post #9ohO8KpbtfY3vWPKFs by superruserr@infosec.exchange
2019-11-06T22:00:39Z
0 likes, 0 repeats
@galaxis Read permission issues at the source input for the log file? Write permissions at /var/log/* is what I come across also.
(DIR) Post #9ohO8LNzpp3PeAUmqu by galaxis@mastodon.infra.de
2019-11-06T22:08:50Z
0 likes, 0 repeats
@superruserr The nsd message was "error: Cannot open /var/log/nsd/nsd.log for appending (Permission denied), logging to stderr", even though all the filesystem permissions were correct.The supplied systemd unit file uses some fancy protection settings though (ProtectHome and the like), so I assume one of those is responsible for blocking writes to the log directory - adding /var/log/nsd to ReadWritePaths didn't help either, but explicitly assigning a LogsDirectory did.
(DIR) Post #9ohO8Lrm36sD8WQZGa by galaxis@mastodon.infra.de
2019-11-06T22:10:24Z
0 likes, 0 repeats
@superruserr I just don't know enough about this stuff, all of this systemd magic is way to opaque for my liking.
(DIR) Post #9ohO8MFWcns8KBXXHs by hcs@pleroma.site
2019-11-06T22:20:29.303580Z
0 likes, 0 repeats
@galaxis @superruserr appending message sounds like log rotation related Maybe it needs a nsd*.log I am going to sleep soon though and on mobile rn