:: Re: [DNG] Beowulf, and Apparmor's e…
Top Page
Delete this message
Reply to this message
Author: 'smee
Date:  
To: dng
Subject: Re: [DNG] Beowulf, and Apparmor's effect on bind9
On Sat, 2020-05-23 at 21:08 +0300, Dimitris via Dng wrote:
> bug report link, was about /var/cache, not /var/log (?).. anyway, the
>
> default apparmor profile has this :
>
>
>
> # some people like to put logs in /var/log/named/ instead of having
>
> # syslog do the heavy lifting.
>
> /var/log/named/** rw,
>
> /var/log/named/ rw,


yeah apparently same issue, different file.

ah interesting tip.


> some people following net guides/migrating from older versions,

already
> used /var/log/bind/ or /var/log/bind8 or /var/log/bind9, or other

custom
> log path.



makes sense





> they all fail with default apparmor profile.. so, one could
> add (eg.) :


> /var/log/bind9/** rw,
> /var/log/bind9/ rw,
>
> and everything would work..

I see

> in your example, "k" is for file lock, not sure it's needed in this

case (?)



yeah I'm not sure either, I went with it just on the recommendation of
the bug report, which of course is for a different file which is not a
log, so you're probably right, log files probably don't require a lock.

> 2c.


Thanks for your 2c