Balazs Scheidler wrote :

On Thu, Nov 07, 2002 at 03:10:50PM +0100, Guillaume LACHENAL wrote:

...

Is it for the same reasons that I have (almost) every time to send SIGTERM *twice* for syslog-ng to terminate ?

it was a bug, and should have been fixed in latest 1.5.x release.

OK. I'll upgrade when the best of syslog-ng will be configured quite fine on the box ;-)

...

...

then instead of using syslog-ng's own chroot feature, use the chroot

Are you sure a chrooted process can follow symlinks outside the jail ?

it's not the chrooted process which accesses the symlink, the programs running outside are accessing a file _in_ the chroot. (symlink in /dev/log pointing to /chroot/dev/log)

Could you please explain. It works as you say with ntpd chrooted on my box. But, after 'chroot /chroot /sbin/ntpd' the running ntpd only see what's under '/chroot/'. How it works when ntpd attempt to log something ? (to /chroot/dev/log)

I remember, libc itself shouldn't be needed. ldd shows what syslog-ng is linked to, but if it started outside, it will link to /lib/libc.so.6, and _then_ chroot itself -> no need for libc in the jail itself.

the others libresolv etc. are loaded after the chroot() call, so they must be present in the jail as well.

try rm-ing the libc inside the jail (and only libc the others might be needed), and start syslog-ng, it _should_ work.

Yes, it works