forked from evolix/ansible-roles
Changed log directory for bind9
It is now /var/log/named, this is what debian 10 and apparmor expect by default. This fixes the bind9 service crashing at start.
This commit is contained in:
parent
3cb18faf28
commit
7da22e243e
|
@ -31,9 +31,11 @@ The **patch** part changes incrementally at each release.
|
||||||
* minifirewall: change some defaults
|
* minifirewall: change some defaults
|
||||||
* nagios-nrpe: update check_phpfpm_status.pl & install perl dependencies
|
* nagios-nrpe: update check_phpfpm_status.pl & install perl dependencies
|
||||||
* redis: use /run instead or /var/run
|
* redis: use /run instead or /var/run
|
||||||
|
* bind9: moved logs from /var/log/bind* to /var/log/named/* to fix problems with apparmor
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
* nginx: no more "minimal" mode, but the package remains customizable.
|
* nginx: no more "minimal" mode, but the package remains customizable.
|
||||||
|
|
|
@ -6,6 +6,7 @@ bind_chroot_set: True
|
||||||
#bind_chroot_path: /var/chroot-bind
|
#bind_chroot_path: /var/chroot-bind
|
||||||
bind_systemd_service_path: /etc/systemd/system/bind9.service
|
bind_systemd_service_path: /etc/systemd/system/bind9.service
|
||||||
bind_statistics_file: /var/run/named.stats
|
bind_statistics_file: /var/run/named.stats
|
||||||
bind_log_file: /var/log/bind.log
|
bind_log_folder: /var/log/named
|
||||||
bind_query_file: /var/log/bind_queries.log
|
bind_log_file: "{{ bind_log_folder }}/bind.log"
|
||||||
|
bind_query_file: "{{ bind_log_folder }}/bind_queries.log"
|
||||||
bind_cache_dir: /var/cache/bind
|
bind_cache_dir: /var/cache/bind
|
||||||
|
|
|
@ -22,7 +22,7 @@ mkdir -p /var/chroot-bind
|
||||||
mkdir -p /var/chroot-bind/bin /var/chroot-bind/dev /var/chroot-bind/etc \
|
mkdir -p /var/chroot-bind/bin /var/chroot-bind/dev /var/chroot-bind/etc \
|
||||||
/var/chroot-bind/lib /var/chroot-bind/usr/lib \
|
/var/chroot-bind/lib /var/chroot-bind/usr/lib \
|
||||||
/var/chroot-bind/usr/sbin /var/chroot-bind/var/cache/bind \
|
/var/chroot-bind/usr/sbin /var/chroot-bind/var/cache/bind \
|
||||||
/var/chroot-bind/var/log /var/chroot-bind/var/run/named/ \
|
/var/chroot-bind/var/log/named /var/chroot-bind/var/run/named/ \
|
||||||
/var/chroot-bind/run/named/
|
/var/chroot-bind/run/named/
|
||||||
|
|
||||||
# for conf
|
# for conf
|
||||||
|
@ -32,9 +32,9 @@ if [ ! -h "/etc/bind" ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# for logs
|
# for logs
|
||||||
touch /var/chroot-bind/var/log/bind.log
|
touch /var/chroot-bind/var/log/named/bind.log
|
||||||
if [ ! -h "/var/log/bind.log" ]; then
|
if [ ! -h "/var/log/named/bind.log" ]; then
|
||||||
ln -s /var/chroot-bind/var/log/bind.log /var/log/bind.log
|
ln -s /var/chroot-bind/var/log/named/bind.log /var/log/named/bind.log
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# for pid
|
# for pid
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
# Until chroot-bind.sh is migrated to ansible, we hardcode the chroot paths.
|
# Until chroot-bind.sh is migrated to ansible, we hardcode the chroot paths.
|
||||||
- name: set chroot variables
|
- name: set chroot variables
|
||||||
set_fact:
|
set_fact:
|
||||||
bind_log_file: /var/log/bind.log
|
bind_log_file: /var/log/named/bind.log
|
||||||
bind_query_file: /var/log/bind_queries.log
|
bind_query_file: /var/log/named/bind_queries.log
|
||||||
bind_cache_dir: /var/cache/bind
|
bind_cache_dir: /var/cache/bind
|
||||||
bind_statistics_file: /var/run/named.stats
|
bind_statistics_file: /var/run/named.stats
|
||||||
bind_chroot_path: /var/chroot-bind
|
bind_chroot_path: /var/chroot-bind
|
||||||
|
@ -58,6 +58,15 @@
|
||||||
- restart bind
|
- restart bind
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
|
- name: "create {{ bind_log_folder }} if non chroot"
|
||||||
|
file:
|
||||||
|
path: "{{ bind_log_folder }}"
|
||||||
|
owner: bind
|
||||||
|
group: adm
|
||||||
|
mode: "0750"
|
||||||
|
state: directory
|
||||||
|
when: not bind_chroot_set
|
||||||
|
|
||||||
- name: "touch {{ bind_log_file }} if non chroot"
|
- name: "touch {{ bind_log_file }} if non chroot"
|
||||||
file:
|
file:
|
||||||
path: "{{ bind_log_file }}"
|
path: "{{ bind_log_file }}"
|
||||||
|
|
Loading…
Reference in a new issue