Useful Snippets

Welcome!


This blog is used to collect useful snippets related to Linux, PHP, MySQL and more. Feel free to post comments with improvements or questions!


Enable logging of DNS queries in Unbound DNS resolver

Stanislav Khromov

In order to enable logging in the Unbound DNS resolver, you have to add the following lines to your /etc/unbound/unbound.conf configuration file:

server:
    chroot: ""
    logfile: /var/log/unbound.log
    verbosity: 1
    log-queries: yes
    ...

Then, create the log file and make sure it’s owned by the user that the unbound process runs as:

touch /var/log/unbound.log
chown unbound:unbound /var/log/unbound.log

Finally, restart Unbound:

/etc/init.d/unbound restart

Now you should be able to see the log:

tail -f /var/log/unbound.log
[1553775590] unbound[32655:0] info: 127.0.0.1 googlemail.l.google.com. A IN
[1553775609] unbound[32655:0] info: 127.0.0.1 acp-ss-ew1.adobe.io. A IN
[1553775695] unbound[32655:0] info: 127.0.0.1 clients4.google.com. A IN
...

You have to add chroot: "" because by default Unbound runs in a chroot and can’t write to /var/log. Note that chroot: "" turns the chroot off altogether, so Unbound no longer runs confined to that directory.

This post was tested on OpenWRT.

Full-stack impostor syndrome sufferer & Software Engineer at Schibsted Media Group

Comments 5
  • James
    Thanks this was helpful!


  • Chris
    Thx! I tried a lot of other stuff … ;-)


  • Menard
    I think your tutorial can work on Linux Mint, but for the moment I failed.
    Know that I didn’t create a user “unbound”, so what to do with rights on the log file?
    And how to restart unbound, because I didn’t add it as a service or process, so systemctl doesn’t work?


    • Menard
      It works in fact … :) Thanks a lot
      It is weird that Unbound didn’t make the whole information’s work


  • Zeca
    Thanks for sharing.

    To work on Debian 12 it was necessary:

    We have to edit the settings:

    vim /etc/apparmor.d/local/usr.sbin.unbound

    Add this line (here you should write the path to your “unbound.log” file):

    # Site-specific additions and overrides for usr.sbin.unbound.
    # For more details, please see /etc/apparmor.d/local/README.
    /var/log/unbound/unbound.log rw,

    Reload apparmor config and restart unbound services:

    apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound
    service unbound restart