I am trying to change the file that my BIND server stores query logs from the messages file in /var/log/messages to /var/log/named/named.log. When I restart the BIND service, for the changes to take effect, it fails to start because the service doesn't have permission to access the new log file. How can I give BIND permission to access the new log file? Here is the output from the error. I am running this server on Debian.
--
-- A start job for unit bind9.service has finished with a failure.
--
-- The job identifier is 3717 and the job result is failed.
Jun 27 17:12:11 bcc-21 named[3188]: configuring command channel from '/etc/bind/rndc.key'
Jun 27 17:12:11 bcc-21 named[3188]: command channel listening on 127.0.0.1#953
Jun 27 17:12:11 bcc-21 named[3188]: configuring command channel from '/etc/bind/rndc.key'
Jun 27 17:12:11 bcc-21 named[3188]: command channel listening on ::1#953
Jun 27 17:12:11 bcc-21 named[3188]: isc_stdio_open '/var/log/named/named.log' failed: permission denied
Jun 27 17:12:11 bcc-21 named[3188]: configuring logging: permission denied
Jun 27 17:12:11 bcc-21 named[3188]: loading configuration: permission denied
Jun 27 17:12:11 bcc-21 named[3188]: exiting (due to fatal error)