Thanks Jeroen,
About permissions and owners:
For /var/log/nsd.log, the directory /var/log/ has 755 root:root
For /var/log/nsd/nsd.log, I created alternatively a directory
/var/log/nsd/ with permissions 664, 666 and 777, for both nsd and root
owners.
As for NSD user, in /etc/nsd/nsd.conf I have configured username: nsd.
cat /lib/systemd/system/nsd.service
[Unit]
Description=Name Server Daemon
Documentation=man:nsd(8)
After=network.target
[Service]
Type=notify
Restart=always
ExecStart=/usr/sbin/nsd -d
ExecReload=+/bin/kill -HUP $MAINPID
CapabilityBoundingSet=CAP_CHOWN CAP_IPC_LOCK CAP_NET_BIND_SERVICE
CAP_SETGID CAP_SETUID CAP_SYS_CHROOT
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
ReadWritePaths=/var/lib/nsd /etc/nsd /run
RuntimeDirectory=nsd
RestrictRealtime=true
SystemCallArchitectures=native
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module mount
@obsolete @resources
[Install]
WantedBy=multi-user.target
I have done a fresh installation of Debian 10 and also rewrite each
configuration file.
A detail that I do not know if it can be important, previously NSD
worked on a 32-bit architecture computer and now is working on another
computer but with 64-bit architecture.
Best regards.
Jos? Luis
El jue, 24-10-2019 a las 10:54 +0200, Jeroen Koekkoek
escribi?:> Hi Jos?,
>
> What are the permissions of the /var/log/nsd.log directory and what
> user are you executing nsd as? Might be wise to check if the systemd
> unit has the same user configured.
>
> Default unit file for nsd is located at
> /lib/systemd/system/nsd.service
> on Debian.
>
> Another question: did you upgrade the Debian 9 machine to Debian 10
> or
> did you do a fresh install and copy the configuration file? Maybe the
> uid of the user on the Debian 9 machine doesn't match the nsd user on
> the Debian 10 machine?
>
> Best regards,
> Jeroen
>
>
> On Wed, 2019-10-23 at 22:26 -0300, Jos? Luis Artuch wrote:
> > El mi?, 23-10-2019 a las 21:59 -0300, Jos? Luis Artuch escribi?:
> > > Am 23.10.19 um 21:25 schrieb Jos? Luis Artuch:
> > > > Oct 23 15:46:13 dhcppc1 nsd[2401]: [2019-10-23 15:46:13.514]
> > > nsd[2401]:
> > > > error: Cannot open /var/log/nsd/nsd.log for appending (Read-
> > > > only
> > > > file
> > > > system)$
> > > > I would appreciate help on this topic.
> > >
> > > 2 things coming to my mind:
> > > - chroot enabled? -> nsd-checkconf -o chroot
/path/to/nsd.conf
> > > - systemd is doint unexpected stuff
> > >
> > > Andreas
> > >
> >
> > Thanks Andreas,
> > The output of
> > /usr/sbin/nsd-checkconf -o chroot /etc/nsd/nsd.conf
> > is empty.
> > I don't know what tests to do with systemd.
> > Jos? Luis
> >
> > _______________________________________________
> > nsd-users mailing list
> > nsd-users at NLnetLabs.nl
> > https://open.nlnetlabs.nl/mailman/listinfo/nsd-users