[syslog-ng]Running Syslog-ng chrooted

Kaladis kaladis@gmx.de
Wed, 30 May 2001 20:11:58 +0200


Please CC answer to kaladis@gmx.de - Thank you

>/dev/log isnt a device.  its created by syslog to capture
>messages that programs send to.

And I was wondering if mknod has a hidden mode or something like that -
/dev/log is the only "pink file" (ls colour) on my fs.

> to chroot syslog, wouldnt you need to adjust the path and recompile all
programs that call syslog()?
> sys/syslog.h:
> #define _PATH_LOG       "/dev/log"

Yes, that could definately be a problem. Most programs do not log to syslog
at all, or do they? Recompiling some programs shouldn't be that much of a
problem - just very much time consuming...

> If / and /usr/jail are on the same physical partition, maybe you could
hardlink.

A hardlink seems to have worked!

Having disabled klogd I was able to get a glimpse at why syslog-ng doesn't
seem to be working. Libsafe 2.0 gave throw stuff at my console, syslog-ng
segfaults.

If I call syslog-ng with -u 102 -g 19 it segfaults, if I call it with -u
syslog -g syslog it shows me the help screen (i figure it doesn't understand
syslog and wants it numeric). If I call it without u and g it starts but
gives configuration errors (yeah I know, I need to edit the config file ;).

>Interested if you get anywhere with this... incidentally, is syslog going
to be running as root in the chroot?  I dont suppose it has >to...

I created user and group syslog and let syslog 2.5.6 switch to them as well
as chrooting to /usr/jail/syslog. Don't think I'm paranoid ;=)

I'll keep you up-to-date with that and I will mostlikely be writing a small
syslog-ng in chroot once I've got that done and release v 0.3 of my Linux
Distro (with syslog-ng chrooted of course ;).

- Kaladis

> Can you move the device file over to /usr/jail/syslog/dev/log and symlink
> it from /dev/log? That way, programs can still find it (if they don't
> care about a symlink), but it's living beneath the syslog-ng root.
>
> On Wed, May 30, 2001 at 05:52:00PM +0200, Kaladis wrote:
> > Dear Mailinglistpeoples,
> >
> > First of all I'd appreciate it if you could cc all replies to
kaladis@gmx.de
> > since I'm not a member of this mailing list.
> >
> > I am trying to run syslog-ng chrooted - to be accurate, from
> > /usr/jail/syslog. I created /usr/sbin/syslog-ng, created all directories
and
> > so on, copied the needed libraries etc. Syslog-ng is starting quite fine
> > within that chrooted environment as user syslog group syslog. However it
is
> > not logging anything. I guess that it must have to do with /dev/log
since
> > that isn't accesiable out of that environment anymore. Now I'm asking
myself
> > how I could have /dev/log under /usr/jail/syslog/dev/log or what else
the
> > problem could be.
> >
> > Thanks for your help
> >
> > - Kaladis
> >
> > ---
> > www.maganation.com/~kaladix - Kaladix Linux - Your Secure Linux Choice
> >
> >
> > _______________________________________________
> > syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> > https://lists.balabit.hu/mailman/listinfo/syslog-ng
>
>