[syslog-ng] (2nd attempt) syslog-ng and FreeBSD jails
markzero
syslog-ng at darklogik.org
Wed Nov 30 23:14:00 CET 2005
> >Hi,
> >
> >Still having problems getting logs out of my FreeBSD jails.
> >No errors are recorded, no clue as to why there are no logs.
> >My config looks like this:
>
> strace your jailed procs. Are they writing to /var/run/log? If not, you
> need to figure out where they _are_ trying to write to.
Hello,
I used 'logger' as a test process in the jail:
656 logger CALL connect(0x1,0xbfbfda30,0x6a)
656 logger NAMI "/var/run/logpriv"
656 logger RET connect -1 errno 2 No such file or directory
656 logger CALL connect(0x1,0xbfbfda30,0x6a)
656 logger NAMI "/var/run/log"
656 logger RET connect 0
656 logger CALL sendto(0x1,0xbfbfdf80,0x1f,0,0,0)
656 logger GIO fd 1 wrote 31 bytes
"<13>Nov 30 22:06:49 mzero: test"
656 logger RET sendto 31/0x1f
656 logger CALL read(0,0x804c000,0x1000)
656 logger GIO fd 0 read 0 bytes
""
656 logger RET read 0
656 logger CALL exit(0)
I added /var/run/logpriv and am now recieving logs correctly!
Thanks, don't know why it never crossed my mind to trace the
execution...
As an aside, is there a way to preserve the hostname of the
jail?
M
--
pgp: http://www.darklogik.org/pub/pgp/pgp.txt
0160 A46A 9A48 D3B0 C92F B690 17FB 4B72 0207 ED43
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 825 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20051130/204224b6/attachment.pgp
More information about the syslog-ng
mailing list