I deleted my previous rant about the Debian systemd configuration for NLnet nsd, since I'm not sure the explanation for not being able to write a log file (derived from some forum post) is correct.
I rewired nsd.service to use Type=forking and nsd-control for ExecStart etc., but the log stil can't be written.
So I assume it's one of the protection settings in the unit file, but I don't know enough about those.
What did work was to add a "LogsDirectory=nsd" statement and use /var/log/nsd/nsd.log
@galaxis Read permission issues at the source input for the log file?
Write permissions at /var/log/* is what I come across also.
@superruserr The nsd message was "error: Cannot open /var/log/nsd/nsd.log for appending (Permission denied), logging to stderr", even though all the filesystem permissions were correct.
The supplied systemd unit file uses some fancy protection settings though (ProtectHome and the like), so I assume one of those is responsible for blocking writes to the log directory - adding /var/log/nsd to ReadWritePaths didn't help either, but explicitly assigning a LogsDirectory did.
@superruserr I just don't know enough about this stuff, all of this systemd magic is way to opaque for my liking.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!