[syslog-ng]'debug' priority?

Balazs Scheidler syslog-ng@lists.balabit.hu
Mon, 08 Mar 2004 17:43:40 +0100


2004-03-08, h keltezéssel 15:41-kor Pavel Urban ezt írta:
> I cannot confirm this. Here is an output from truss utility (only 
> relevant part):
>
> 16989:  open("/etc/syslog-ng.conf", O_RDONLY)           = 3
> 16989:  ioctl(3, TCGETA, 0xFFBEF8D4)                    Err#25 ENOTTY
> 16989:  fstat64(3, 0xFFBEF2D0)                          = 0
> 16989:  ioctl(3, TCGETA, 0xFFBEF25C)                    Err#25 ENOTTY
> 16989:  read(3, " #   s y s l o g - n g  ".., 8192)     = 2859
> 16989:  read(3, 0x00049E24, 8192)                       = 0
> 16989:  ioctl(3, TCGETA, 0xFFBEF334)                    Err#25 ENOTTY
> 16989:  llseek(3, 0, SEEK_CUR)                          = 2859
> 16989:  close(3)                                        = 0
> 16989:  time()                                          = 1078752370
> 16989:  time()                                          = 1078752370
> 16989:  time()                                          = 1078752370
> 16989:  poll(0x00000000, 0, 0)                          = 0
> 16989:  door_revoke(5)                                  = 0
> 16989:  close(5)                                        Err#9 EBADF
> 16989:  time()                                          = 1078752370
> 16989:  time()                                          = 1078752370
> 16989:  poll(0x00000000, 0, 0)                          = 0
> 16989:  open("/dev/log", O_RDONLY|O_NONBLOCK|O_NOCTTY)  = 3
> 16989:  ioctl(3, I_STR, 0xFFBEF8C8)                     = 0
> 16989:  stat("/etc/.syslog_door", 0xFFBEF840)           = 0
> 16989:  umount2("/etc/.syslog_door", 0x00000000)        = 0
> 16989:  door_create(0x0001DCD0, 0x00000000, 0x00000000) = 5
> 16989:  getpid()                                        = 16989 [1]
> 16989:  ioctl(5, I_CANPUT, 0x00000000)                  Err#89 ENOSYS
> 16989:  door_info(5, 0xFFBEF7A8)                        = 0
> 16989:  mount("", "/etc/.syslog_door", 0x00000804, "namefs", 0xFFBEF7A4, 
> 4) = 0
> 16989:  getpid()                                        = 16989 [1]
> 16989:  time()                                          = 1078752370
> 16989:  open("/var/log/testlog", 
> O_WRONLY|O_APPEND|O_NONBLOCK|O_CREAT|O_NOCTTY|O_LARGEFILE, 0600) = 6
> 16989:  chown("/var/log/testlog", 0, 0)                 = 0
> 16989:  chmod("/var/log/testlog", 0600)                 = 0

> here the file has been created and open for appending, but nothing has 
> been written to it.
> 

Hmm.. I am reading the source but I can't see how it would create a file
beforehand. I also tried strace-ing my syslog-ng process and it really
does not create the file:

open("syslog-ng.conf", O_RDONLY)        = 3
ioctl(3, TCGETS, 0xbffff6d0)            = -1 ENOTTY (Inappropriate ioctl for device)
fstat64(3, {st_mode=S_IFREG|0644, st_size=232, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(3, "options { gc_idle_threshold(3000"..., 8192) = 232
read(3, "", 4096)                       = 0
read(3, "", 8192)                       = 0
ioctl(3, TCGETS, 0xbffff1a0)            = -1 ENOTTY (Inappropriate ioctl for device)
close(3)                                = 0
munmap(0x40018000, 4096)                = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
write(2, "binding fd 3, inetaddr: 0.0.0.0,"..., 44) = 44
setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
bind(3, {sa_family=AF_INET, sin_port=htons(2000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
write(2, "io.c: listening on fd 3\n", 24) = 24
listen(3, 256)                          = 0
write(2, "syslog-ng version 1.6.2 starting"..., 33) = 33
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGHUP, {0x8049d0c, [HUP], SA_RESTART}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTERM, {0x8049d30, [TERM], SA_RESTART}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGCHLD, {0x8049d54, [CHLD], SA_RESTART}, {SIG_DFL}, 8) = 0
time(NULL)                              = 1078763989
time(NULL)                              = 1078763989
poll([{fd=3, events=POLLIN}], 1, 100)   = 0

Here's my config file:

options { gc_idle_threshold(3000); gc_busy_threshold(30000); check_hostname(yes); use_dns(no); };
 
source src { tcp(port(2000)); internal(); };
 
destination d_spoof { file("varangy"); };
 
log { source(src); destination(d_spoof); };

now stracing when sending a message (continuing the previous strace
dump):

poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 600000) = 1
accept(3, {sa_family=AF_INET, sin_port=htons(33337), sin_addr=inet_addr("127.0.0.1")}, [16]) = 4
fcntl64(4, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
write(2, "AF_INET client connected from 12"..., 52) = 52
write(2, "io.c: Preparing fd 4 for reading"..., 33) = 33
time(NULL)                              = 1078764110
poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}], 2, 100) = 0
poll([{fd=4, events=POLLIN, revents=POLLIN}, {fd=3, events=POLLIN}], 2, 583000)
= 1
read(4, "abcdef\r\n", 2048)             = 8
time(NULL)                              = 1078764112
time(NULL)                              = 1078764112
open("/etc/localtime", O_RDONLY)        = 5
fstat64(5, {st_mode=S_IFREG|0644, st_size=866, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(5, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\6\0\0\0\6\0"..., 4096) = 866close(5)                                = 0
munmap(0x40018000, 4096)                = 0
open("varangy", O_WRONLY|O_NONBLOCK|O_APPEND|O_CREAT|O_NOCTTY|O_LARGEFILE, 0600) = 5
chown32(0x8061458, 0, 0)                = -1 EPERM (Operation not permitted)
chmod("varangy", 0600)                  = 0
fcntl64(5, F_GETFL)                     = 0x8c01 (flags O_WRONLY|O_NONBLOCK|O_APPEND|O_LARGEFILE)
fcntl64(5, F_SETFL, O_WRONLY|O_NONBLOCK|O_APPEND|O_LARGEFILE) = 0
fcntl64(5, F_SETFD, FD_CLOEXEC)         = 0

Reading the source I still cannot see how it would create the file
during initialization.
-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1