[syslog-ng] Timestamp inconsistency
Jens Grigel
jens-lists at sskm.de
Wed Jul 4 17:13:27 CEST 2007
On Tue, 2007-06-26 at 10:49 -0400, Tim Boyer wrote:
> ...
> >
> > So the easiest fix is to fix sshd.
> >
>
> I'll get right on that... :)
>
> Seriously, thanks for the detailed explanation - I know what's happening
> now, at least. It's Red Hat RHEL5, so it's as up-to-date as I'm going to
> get, but I'll at least let them know it's a problem.
>
Hi,
this is a know problem due to the chrooted sshd and the
missing /etc/localtime in the the chroot under /var/empty/sshd.
Check http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193184
for the discussion and a workaround.
Running a couple of CentOS 4 and 5 systems here, the small script
section from the bugzilla solved the time problem from the sshd logs for
all of them.
hope that helps.
--
Jens Grigel
Citysavingsbank Munich, Germany
Dept. of Network/Security
More information about the syslog-ng
mailing list