openstack
/
project-config
Code Issues Proposed changes

Update logfile for unbound on centos/fedora 

Because of missing selinux rules, unbound does not properly write
logging to /var/log/unbound.log. We can move the file into
/var/lib/unbound/unbound.log and selinux should be happy.

Change-Id: I4f3265c16320613d4ba74a02df1361c5d9cf2fb1
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
Paul Belanger 2017-09-21 15:00:10 -04:00
parent d2fee232d2
commit bb25f0b716
No known key found for this signature in database
GPG Key ID: 611A80832067AF38
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
nodepool/elements/nodepool-base/finalise.d/89-unbound
View File

@ -38,12 +38,18 @@ mv /tmp/forwarding.conf /etc/unbound/
chown root:root /etc/unbound/forwarding.conf
chmod a+r /etc/unbound/forwarding.conf
dd of=/tmp/unbound-logging.conf <<EOF
if [[ "$DISTRO_NAME" =~ (centos|fedora) ]] ; then
LOG_FILE="/var/lib/unbound/unbound.log"
else
LOG_FILE="/var/log/unbound.log"
fi
UNBOUND_LOGGING_CONF="\
server:
logfile: "/var/log/unbound.log"
logfile: \"$LOG_FILE\"
# Log only errors
verbosity: 0
EOF
verbosity: 0"
echo "$UNBOUND_LOGGING_CONF" > /tmp/unbound-logging.conf
if [[ "$DISTRO_NAME" =~ (centos|fedora|opensuse) ]] ; then
UNBOUND_CONFD=/etc/unbound/conf.d
@ -55,7 +61,6 @@ mv /tmp/unbound-logging.conf $UNBOUND_CONFD
chown root:root $UNBOUND_CONFD/unbound-logging.conf
chmod a+r $UNBOUND_CONFD/unbound-logging.conf
touch /var/log/unbound.log
chown unbound /var/log/unbound.log
chmod 0644 /var/log/unbound.log