# unbound logfile: How does it work?



## getopt (Sep 23, 2014)

In unbound.conf() can be read

```
# unbound.conf(5) config file for unbound(8).
      server:
           directory: "/etc/unbound"
           username: unbound
           # make sure unbound can access entropy from inside the chroot.
           # e.g. on linux the use these commands (on BSD, devfs(8) is used):
           #      mount --bind -n /dev/random /etc/unbound/dev/random
           # and  mount --bind -n /dev/log /etc/unbound/dev/log
           chroot: "/etc/unbound"
           # logfile: "/etc/unbound/unbound.log"  #uncomment to use logfile.
           pidfile: "/etc/unbound/unbound.pid"
           # verbosity: 1      # uncomment and increase to get more logging.
```
but 

```
# mount --bind -n /dev/random /etc/unbound/dev/random
mount: illegal option -- -
# mount --bind -n /dev/log /etc/unbound/dev/log
mount: illegal option -- -
```
with

```
# grep log /etc/unbound/unbound.conf
        logfile: /var/log/unbound.log
        use-syslog: no         # yes makes no difference
        log-time-ascii: yes
        log-queries: yes
        val-log-level: 2
```
always results in

```
# ls -l /var/log/unbound.log
-rw-------  1 root  wheel  0  8 Jun 14:23 /var/log/unbound.log
# ls -l /var/unbound/var/log/unbound.log
-rw-r-----  1 root  unbound  0 23 Sep 07:45 /var/unbound/var/log/unbound.log
```
Having read this http://unbound.net/pipermail/unbound-us ... 00674.html
did not lead to a solution. The size of the logfile stays zero. How to do it the right way?


----------



## usdmatt (Sep 23, 2014)

There is not a --bind option to `mount` on FreeBSD. As mentioned in the unbound config file, those commands are for linux and you need to use devfs() on FreeBSD.


```
mount -t devfs devfs /etc/unbound/dev
```

This assumes the chroot/directory settings in the config file are set to /etc/unbound (as per the config file quote in your post).
You should end up will a full set of devices, including random, in /etc/unbound/dev

You mention /var/unbound quite a few times in your post, but the config file at the top of your post lists /etc/unbound. I think this may be where some of the issue is coming from.

If unbound is set to use a chroot directory of /etc/unbound, then all paths will be relative to that. So if the log file in the configuration is set to /var/log/unbound.log, the log file should appear in /etc/unbound/var/log/unbound.log.


----------



## getopt (Sep 23, 2014)

These settings in /etc/unbound/unbound.conf

```
logfile: log/unbound.log
        use-syslog: no
```
will generate logging in /var/unbound/log/unbound.log
But 

```
use-syslog: yes
```
will show logging in /var/log/all.log but not /var/log/unbound.log
How should Syslog be configurated to use /var/log/unbound.log?


----------



## DenisVS (Nov 16, 2016)

Same question.
How to rearrange directories for more appropriate to FreeBSD starndart?
I wish to see the log file in the /var/log dir.


----------



## DenisVS (Nov 17, 2016)

Unfortunately not works…

```
# mkdir -p  /var/log/unbound

# chown unbound:unbound /var/log/unbound
# mcedit /var/unbound/unbound.conf
# cat /var/unbound/unbound.conf | grep '\.log'
logfile: /var/log/unbound/unbound.log
# cat /var/unbound/unbound.conf | grep verbosity
verbosity: 5

# /etc/rc.d/local_unbound stop
# /etc/rc.d/local_unbound start
# ll /var/log/unbound/
total 0
# touch /var/log/unbound/unbound.log
# chown unbound:unbound /var/log/unbound/unbound.log
# ll /var/log/unbound/
total 0
-rw-r--r--  1 unbound  unbound  0 17 ноя 08:35 unbound.log
# /etc/rc.d/local_unbound stop
# /etc/rc.d/local_unbound start
# ll /var/log/unbound/
total 0
-rw-r--r--  1 unbound  unbound  0 17 ноя 08:35 unbound.log
# chmod 777 /var/log/unbound/unbound.log
# /etc/rc.d/local_unbound stop
# /etc/rc.d/local_unbound start
# ll /var/log/unbound/
total 0
-rwxrwxrwx  1 unbound  unbound  0 17 ноя 08:35 unbound.log*
```


----------



## getopt (Nov 17, 2016)

Unbound runs chrooted. Therefore it cannot access files outside it's chroot. 
See unbound.conf(5).


----------



## xtaz (Nov 17, 2016)

I run unbound from the port rather than the base system, but in case it's useful to anyone I'll share how I solved this.

In /etc/rc.conf:

```
syslogd_flags="-l /usr/local/etc/unbound/var/run/log"
devfs_set_rulesets="/usr/local/etc/unbound/dev=devfsrules_unbound"
```

In /etc/devfs.rules:

```
[devfsrules_unbound=10]
add hide
add path random unhide
```

In /etc/syslog.conf:

```
!unbound
*.*                                             /var/log/dns.log
!*
```

In /usr/local/etc/unbound:

```
mkdir dev var var/run
```

In unbound.conf:

```
chroot: "/usr/local/etc/unbound"
```

Hopefully you get the jist of what is going on here. This is my particular choice for how to set it up but I have chrooted unbound into /usr/local/etc/unbound, mounted a devfs into the dev directory in there, and created a syslog socket in the var/run directory in there. This allows unbound to use syslog and it logs messages into /var/log/dns.log.


----------

