<div dir="ltr"><div><div>Hi Laci,<br><br></div>It runs fine<br><div>root@hdata3:/home/smb/code/con<wbr>f# file /home/smb/code/conf/syslog-ng.<wbr>conf</div><div>/home/smb/code/conf/syslog-ng.<wbr>conf: ASCII text</div><br></div><div>Regards<br></div><div>Mujeeb<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 25 May 2018 at 16:20, Szemere, László <span dir="ltr"><<a href="mailto:laszlo.szemere@balabit.com" target="_blank">laszlo.szemere@balabit.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div> Thank you for the output. Can you run the</div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><b>file <span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">/home/smb/code/conf/<wbr>syslog-ng</span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">.conf</span></b></div></blockquote><span style="font-size:12.8px"> command on your HOST machine?</span><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">Br,</span></div><div><span style="font-size:12.8px">Laci</span></div><div><span style="font-size:12.8px"><br></span></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 25, 2018 at 5:04 PM, Mujeeb Baig <span dir="ltr"><<a href="mailto:baig.mujeeb@gmail.com" target="_blank">baig.mujeeb@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">It is locating the source correctly, this is what I see under 'Mounts' section of inspect<br><br><div> "Mounts": [</div><div> {</div><div> "Type": "bind",</div><div> "Source": "/home/smb/code/conf/syslog-ng<wbr>.conf",</div><span><div> "Destination": "/1234",</div><div> "Mode": "",</div><div> "RW": true,</div><div> "Propagation": "rprivate"</div><div> }</div></span><div> ],</div><br></div><div class="m_-7574957722116888437HOEnZb"><div class="m_-7574957722116888437h5"><div class="gmail_extra"><br><div class="gmail_quote">On 25 May 2018 at 15:57, Szemere, László <span dir="ltr"><<a href="mailto:laszlo.szemere@balabit.com" target="_blank">laszlo.szemere@balabit.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div> From the Docker documentation: <a href="https://docs.docker.com/v17.09/engine/admin/volumes/bind-mounts/#differences-between--v-and---mount-behavior" target="_blank">https://docs.do<wbr>cker.com/v17.09/engine/admin/v<wbr>olumes/bind-mounts/#difference<wbr>s-between--v-and---mount-behav<wbr>ior</a></div><div><br></div><div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">If you use<span> </span><code class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550gmail-highlighter-rouge" style="box-sizing:border-box;font-family:Menlo,Monaco,Consolas,"courier new",monospace;font-size:12.6px;padding:3px 7px;background-color:rgba(12,81,118,0.1);border-radius:2px;overflow-x:scroll;white-space:nowrap;margin:15px 0px;color:rgb(12,81,118)">-v</code><span> </span>or<span> </span><code class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550gmail-highlighter-rouge" style="box-sizing:border-box;font-family:Menlo,Monaco,Consolas,"courier new",monospace;font-size:12.6px;padding:3px 7px;background-color:rgba(12,81,118,0.1);border-radius:2px;overflow-x:scroll;white-space:nowrap;margin:15px 0px;color:rgb(12,81,118)">--volume</code><span> </span>to bind-mount a file or directory that does not yet exist on the Docker host,<span> </span><code class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550gmail-highlighter-rouge" style="box-sizing:border-box;font-family:Menlo,Monaco,Consolas,"courier new",monospace;font-size:12.6px;padding:3px 7px;background-color:rgba(12,81,118,0.1);border-radius:2px;overflow-x:scroll;white-space:nowrap;margin:15px 0px;color:rgb(12,81,118)">-v</code><span> </span>will create the endpoint for you.<span> </span><strong style="box-sizing:border-box;font-weight:700">It is always created as a directory.<br></strong>If you use<span> </span><code class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550gmail-highlighter-rouge" style="box-sizing:border-box;font-family:Menlo,Monaco,Consolas,"courier new",monospace;font-size:12.6px;padding:3px 7px;background-color:rgba(12,81,118,0.1);border-radius:2px;overflow-x:scroll;white-space:nowrap;margin:15px 0px;color:rgb(12,81,118)">--mount</code><span> </span>to bind-mount a file or directory that does not yet exist on the Docker host, Docker does<span> </span><strong style="box-sizing:border-box;font-weight:700">not</strong><span> </span>automatically create it for you, but generates an error.</blockquote><br></div><div><br></div><div> It looks like docker daemon still can not find your file <span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><b>"$PWD"/syslog-ng.conf</b></span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"> and creates a directory instead.</span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"> Instead of heavy debugging, I suggest to run </span><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><b>docker inspect syslog-ng</b> to see what path was actually mounted by the docker daemon. You should see something like this in the output:</span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="text-align:start;text-indent:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span style="font-size:12.8px"> "Mounts": [<br></span><span style="font-size:12.8px"> {<br></span><span style="font-size:12.8px"> "Type": "bind",<br></span><span style="font-size:12.8px"> "Source": "XXX/syslog-ng.conf",<br></span><span style="font-size:12.8px"> "Destination": "/1234",<br></span><span style="font-size:12.8px"> "Mode": "",<br></span><span style="font-size:12.8px"> "RW": true,<br></span><span style="font-size:12.8px"> "Propagation": "rprivate"<br></span><span style="font-size:12.8px"> }</span></blockquote><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;letter-spacing:normal;text-transform:none;white-space:normal;word-spacing:0px"> Once we have the actual mounted path, it will be easier to figure out why the docker daemon can not find your original config file.</div></span></div><div><br></div><div>Br,</div><div>Laci</div><div><br></div><div><br></div></div><div class="m_-7574957722116888437m_-3182214280317874538HOEnZb"><div class="m_-7574957722116888437m_-3182214280317874538h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 25, 2018 at 4:19 PM, Mujeeb Baig <span dir="ltr"><<a href="mailto:baig.mujeeb@gmail.com" target="_blank">baig.mujeeb@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Hi Andrew,<br><br></div>Thanks for your response. Yes the path is correct <br><br></div><div>When I execute with host location as /1234 it creates the container, but nothing inside /1234 folder<br><div><br><div><div>root@hdata3:/home/smb/code/con<wbr>f# docker run -it -v "$PWD"/syslog-ng.conf:/1234 --name syslog-ng -p 514:514 -p 601:601 balabit/syslog-ng:latest</div><div>syslog-ng: Error setting capabilities, capability management disabled; error='Operation not permitted'</div><div>[2018-05-25T14:12:15.695588]
WARNING: Configuration file format is too old, syslog-ng is running in
compatibility mode. Please update it to use the syslog-ng 3.14 format at
your time of convenience. To upgrade the configuration, please review
the warnings about incompatible changes printed by syslog-ng, and once
completed change the @version header at the top of the configuration
file.;</div><div><br></div></div></div><br></div><div><br></div><div><br></div><div>I can see inside the container that
<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">/etc/syslog-ng/ this folder is not updated</span></div><div><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><div>root@hdata3:/home/smb# docker exec -ti syslog-ng /bin/bash</div><div>root@d634d32aee4c:/#</div><div>root@d634d32aee4c:/# ls -l /1234/</div><div>total 0</div><div>root@d634d32aee4c:/#</div><div>root@d634d32aee4c:/# ls -l /sy/etcslog-ng/</div><div>conf.d/ patterndb.d/ scl.conf syslog-ng.conf</div><div>root@d634d32aee4c:/# ls -lrt /etc/syslog-ng/</div><div>total 12</div><div>-rw-r--r--. 1 root root 5910 Feb 23 13:17 syslog-ng.conf</div><div>drwxr-xr-x. 2 root root 6 Mar 2 12:58 conf.d</div><div>drwxr-xr-x. 2 root root 6 Mar 2 12:58 patterndb.d</div><div>-rw-r--r--. 1 root root 1336 Mar 2 12:58 scl.conf</div><div>root@d634d32aee4c:/#</div></div><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_2469448054026054849gmail-yj6qo"></div><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_2469448054026054849gmail-adL"><br></div><br></div><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550HOEnZb"><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550h5"><div class="gmail_extra"><br><div class="gmail_quote">On 25 May 2018 at 13:31, Mitzki, András <span dir="ltr"><<a href="mailto:andras.mitzki@balabit.com" target="_blank">andras.mitzki@balabit.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi Mujeeb,</div><div><br></div><div>Maybe the problem is with the config file path: "/home/smb/code/conf/syslog-ng<wbr>.conf"<br></div><div>Could you check that path is correct?<br></div><div><br></div><div>Regards</div><div>Andrew<br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277h5">On Fri, May 25, 2018 at 1:13 PM, Mujeeb Baig <span dir="ltr"><<a href="mailto:baig.mujeeb@gmail.com" target="_blank">baig.mujeeb@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277h5"><div dir="ltr">Hi<br><br><div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_4778737596190114322m_-5441214197815461185gmail-m_5651230204179623292gmail-postcell m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_4778737596190114322m_-5441214197815461185gmail-m_5651230204179623292gmail-post-layout--right">This is my first trial of syslog-ng.
I've tried to start syslog-ng just like described on the official bolg page
<a href="https://syslog-ng.com/blog/central-log-server-docker/" rel="nofollow noreferrer" target="_blank">https://syslog-ng.com/blog/cen<wbr>tral-log-server-docker/</a>
<a href="https://syslog-ng.com/blog/collecting-docker-infrastructure-logs-using-syslog-ng/" rel="nofollow noreferrer" target="_blank">https://syslog-ng.com/blog/col<wbr>lecting-docker-infrastructure-<wbr>logs-using-syslog-ng/</a>
<div class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_4778737596190114322m_-5441214197815461185gmail-m_5651230204179623292gmail-post-text"><p>I am starting docker container as:</p>
<p>docker run -it -v "$PWD"/syslog-ng.conf:/etc/sys<wbr>log-ng/syslog-ng.conf
--name syslog-ng -p 514:514 -p 601:601 balabit/syslog-ng:latest </p>
<p>But unfortunately it is failing to mount my custom (local)
configuration file from source to host, complaining about mounting a
directory onto file</p>
<p>Error:</p>
<p>docker: Error response from daemon: OCI runtime create failed:
container_linux.go:348: starting container process caused
"process_linux.go:402: container init caused \"rootfs_linux.go:58:
mounting \\"/home/smb/code/conf/syslog-<wbr>ng.conf\\" to rootfs
\\"/var/lib/docker/devicemappe<wbr>r/mnt/52d32f854a030b396b03e759<wbr>6ab5d71eb1a18f34a09d5e4997c437<wbr>568749b259/rootfs\\"
at
\\"/var/lib/docker/devicemappe<wbr>r/mnt/52d32f854a030b396b03e759<wbr>6ab5d71eb1a18f34a09d5e4997c437<wbr>568749b259/rootfs/etc/syslog-n<wbr>g/syslog-ng.conf\\"
caused \\"not a directory\\"\"": unknown: Are you trying to mount a
directory onto a file (or vice-versa)? Check if the specified host path
exists and is the expected type.</p>
<p>Am I missing something?</p><p>Please let me know</p><p>Many Thanks</p><span class="m_-7574957722116888437m_-3182214280317874538m_6496571376238631550m_-344214828607827277m_4778737596190114322HOEnZb"><font color="#888888"><p>Mujeeb<br></p><p></p></font></span></div></div><br></div>
<br></div></div>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
<br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=syslog<wbr>-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=<wbr>syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/<wbr>mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/<wbr>support/documentation/?<wbr>product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/<wbr>syslog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>