[syslog-ng] Syslog-ng" daemon killing the "setroubleshoot" daemonon RHEL5_X86_64

Shamim shamim_99 at yahoo.com
Thu Aug 9 08:49:13 CEST 2007 

Thanks for the quick reply, However I'm using the "syslog-ng.conf" as below;
  --------------------------------------------------------------------------------------------------------------------------
  options { sync (0);
          time_reopen (10);
          log_fifo_size (1000);
          long_hostnames (off);
          use_dns (no);
          use_fqdn (no);
          create_dirs (yes);
          keep_hostname (yes);
        };
  
source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); unix-stream ("/dev/log"); internal(); };
  #Everything going to one location
destination d_syslognglog { file("/var/adm/messages-ng"); };
  log { source(s_sys); destination(d_syslognglog); };
------------------------------------------------------------------------------------------------------------------------------

Note:And I've tried with unix-dgram , but stuck up with the same problem. I'll very thankful for any help.
   
  Regards
  Shamim, CSC India
   
  "Geller, Sandor (IT)" <Sandor.Geller at morganstanley.com> wrote:
  Hello,

> Hi ,
> 
> When there was no daemon of "syslog-ng" was running
> ********************************************************************
> [root at svllgg181 tmp]# ps -eaf |grep -i syslog-ng
> root 2631 2597 0 10:58 pts/0 00:00:00 grep -i syslog-ng
> [root at svllgg181 tmp]#
> *********************************************************************
> in the absence of "syslog-ng" daemon I was easily able to 
> restart the "setroubleshootd" daemon
> [root at svllgg181 tmp]# /etc/init.d/setroubleshoot restart
> Stopping setroubleshootd: [ OK ]
> Starting setroubleshootd: [ OK ]
> [root at svllgg181 tmp]#
> **************************************************************
> *****************************
> Now I started the "syslog-ng" daemon
> [root at svllgg181 tmp]# ps -eaf |grep -i syslog-ng
> root 2718 1 0 10:59 ? 00:00:00 syslog-ng
> root 2746 2597 0 11:00 pts/0 00:00:00 grep -i syslog-ng
> [root at svllgg181 tmp]#
> **************************************************************
> ***************************
> And I tried to start the "setroubleshoot", now it gives error.
> 
> [root at svllgg181 tmp]# /etc/init.d/setroubleshoot restart
> Stopping setroubleshootd: [ OK ]
> Starting setroubleshootd: [ OK ]
> [root at svllgg181 tmp]# Traceback (most recent call last):
> File "/usr/sbin/setroubleshootd", line 59, in ?
> from setroubleshoot.config import cfg
> File 
> "/usr/lib/python2.4/site-packages/setroubleshoot/__init__.py",
> line 24, in ?
> log_init(sys.argv[0])
> File 
> "/usr/lib/python2.4/site-packages/setroubleshoot/log.py", 
> line 127, in log_init
> syslog = logging.handlers.SysLogHandler(address='/dev/log')
> File "/usr/lib64/python2.4/logging/handlers.py", line 602, 
> in __init__
> self._connect_unixsocket(address)
> File "/usr/lib64/python2.4/logging/handlers.py", line 617, 
> in _connect_unixsocket
> self.socket.connect(address)
> File "", line 1, in connect
> socket.error: (13, 'Permission denied')
> [root at svllgg181 tmp]#
> 
> [root at svllgg181 tmp]# /etc/init.d/setroubleshoot restart
> Stopping setroubleshootd: [FAILED]
> Starting setroubleshootd: [ OK ]
> [root at svllgg181 tmp]# Traceback (most recent call last):
> File "/usr/sbin/setroubleshootd", line 59, in ?
> from setroubleshoot.config import cfg
> File 
> "/usr/lib/python2.4/site-packages/setroubleshoot/__init__.py",
> line 24, in ?
> log_init(sys.argv[0])
> File 
> "/usr/lib/python2.4/site-packages/setroubleshoot/log.py", 
> line 127, in log_init
> syslog = logging.handlers.SysLogHandler(address='/dev/log')
> File "/usr/lib64/python2.4/logging/handlers.py", line 602, 
> in __init__
> self._connect_unixsocket(address)
> File "/usr/lib64/python2.4/logging/handlers.py", line 617, 
> in _connect_unixsocket
> self.socket.connect(address)
> File "", line 1, in connect
> socket.error: (13, 'Permission denied')

Please show how is /dev/log configured in your syslog-ng.conf

I suppose you're using unix-dgram not unix-stream, and the program
you're trying to use doesn't handle this case.

Regards,

Sandor
--------------------------------------------------------

NOTICE: If received in error, please destroy and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error.


       
---------------------------------
 Yahoo! Mail is the world's favourite email. Don't settle for less, sign up for your freeaccount today.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20070809/46e591b0/attachment.htm

More information about the syslog-ng mailing list