root has permissions to the /var/run/dnstap.sock socket file. NSD also running as root, when I run using "sudo nsd-control start", right? ??????? Original Message ??????? On Thursday, January 23, 2020 2:21 PM, Greg Bock <greg.bock at stackpath.com> wrote:> > Hello, > > I installed NSD version 4.2.4 and configured it with dnstap enabled. > > Here's the dnstap portion from both my nsd.conf > > dnstap: > > # set this to yes and set one or more of dnstap-log-..-messages to yes. > > dnstap-enable: yes > > dnstap-socket-path: "/var/run/dnstap.sock" > > dnstap-send-identity: no > > dnstap-send-version: no > > # dnstap-identity: "" > > # dnstap-version: "" > > dnstap-log-auth-query-messages: yes > > dnstap-log-auth-response-messages: yes > > I started a fstrm_capture listener before I started the nsd-control and it created the dnstap.sock in the right directory as necessary with this: sudo fstrm_capture -t protobuf:dnstap.Dnstap -u /var/run/dnstap.sock -w /home/USERNAME/FOLDER/FILENAME.dnstap > > I am not sure what I am missing. When I try to read this FILENAME.dnstap file I still don't see any output. > > There are no errors pertaining to nsd in syslog either. > > What are ownership and permissions on /var/run/dnstap.sock? I would guess that the user NSD is running as does not have permissions to write to the socket.
try: mkdir /var/run/nsd chown nsd:nsd /var/run/nsd sudo -u nsd fstrm_capture -t protobuf:dnstap.Dnstap -u /var/run/nsd/dnstap.sock -w /home/USERNAME/FOLDER/FILENAME.dnstap On 2020/01/24 06:47 QSCAcBij via nsd-users <nsd-users at lists.nlnetlabs.nl> wrote:> root has permissions to the /var/run/dnstap.sock socket file. > NSD also running as root, when I run using "sudo nsd-control start", right? > > > > > ??????? Original Message ??????? > On Thursday, January 23, 2020 2:21 PM, Greg Bock <greg.bock at stackpath.com> wrote: > > > > Hello, > > > I installed NSD version 4.2.4 and configured it with dnstap enabled. > > > Here's the dnstap portion from both my nsd.conf > > > dnstap: > > > # set this to yes and set one or more of dnstap-log-..-messages to yes. > > > dnstap-enable: yes > > > dnstap-socket-path: "/var/run/dnstap.sock" > > > dnstap-send-identity: no > > > dnstap-send-version: no > > > # dnstap-identity: "" > > > # dnstap-version: "" > > > dnstap-log-auth-query-messages: yes > > > dnstap-log-auth-response-messages: yes > > > I started a fstrm_capture listener before I started the nsd-control and it created the dnstap.sock in the right directory as necessary with this: sudo fstrm_capture -t protobuf:dnstap.Dnstap -u /var/run/dnstap.sock -w /home/USERNAME/FOLDER/FILENAME.dnstap > > > I am not sure what I am missing. When I try to read this FILENAME.dnstap file I still don't see any output. > > > There are no errors pertaining to nsd in syslog either. > > > > What are ownership and permissions on /var/run/dnstap.sock? I would guess that the user NSD is running as does not have permissions to write to the socket. > > > _______________________________________________ > nsd-users mailing list > nsd-users at lists.nlnetlabs.nl > https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users >-- Manabu Sonoda <manabu-s at iij.ad.jp> Internet Initiative Japan Inc. jp web: https://www.iij.ad.jp/ en web: https://www.iij.ad.jp/en/