[syslog-ng] issue during start up

Wed May 16 17:20:47 CEST 2012

Hello all:

Just to follow up, it appears that selinux was my issue as Syslog-NG appears to be working.

Thank you!

Jason Kojro-Badziak
Monolith Software
Staff Engineer
311 North 2nd Street, Suite #302
St. Charles, IL 60174
Office:  312-957-6470 x3010
Email:  jbadziak at monolith-software.com

-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Jason Kojro-Badziak
Sent: Tuesday, May 15, 2012 4:45 PM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] issue during start up

Hello Sandor:

Sadly, I am not sure what version I have installed on the system where it is currently working.  Is there a command or a place where I can check what version is installed?

On the newly installed system, I installed Syslog-NG via yum/epel, which has 3.2.5-3.el6 available for Centos 6.2.

However, thank you for the selinux tip!  I disabled it on the new system, and it appears to be functional, but I will have to do some more testing to make sure.

Thank you!

Jason Kojro-Badziak
Monolith Software
Staff Engineer
311 North 2nd Street, Suite #302
St. Charles, IL 60174
Office:  312-957-6470 x3010
Email:  jbadziak at monolith-software.com

-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Sandor Geller
Sent: Tuesday, May 15, 2012 4:10 PM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] issue during start up

Hi,

Which syslog-ng version are you using? Do you have any security-related stuff (apparmor, SElinux) active which could drop the CAP_NET_RAW capability?

Regards,

Sandor

On Tue, May 15, 2012 at 5:00 PM, Jason Kojro-Badziak <jbadziak at monolith-software.com> wrote:
> Hi James:
>
> The results of the command you sent are different, and here they are:
>
> On the server where Syslog-NG is Working
>        linux-vdso.so.1 =>  (0x00007fff0638f000)
>        libsyslog-ng.so.0 => /lib64/libsyslog-ng.so.0
> (0x00007fc19ea8d000)
>        libnsl.so.1 => /lib64/libnsl.so.1 (0x0000003940400000)
>        libgmodule-2.0.so.0 => /lib64/libgmodule-2.0.so.0
> (0x00000038cd000000)
>        libgthread-2.0.so.0 => /lib64/libgthread-2.0.so.0
> (0x000000393f000000)
>        librt.so.1 => /lib64/librt.so.1 (0x000000393e000000)
>        libglib-2.0.so.0 => /lib64/libglib-2.0.so.0
> (0x000000393e800000)
>        libevtlog.so.0 => /lib64/libevtlog.so.0 (0x00007fc19e887000)
>        libpcre.so.0 => /lib64/libpcre.so.0 (0x00007fc19e65b000)
>        libdl.so.2 => /lib64/libdl.so.2 (0x00000034ab600000)
>        libpthread.so.0 => /lib64/libpthread.so.0 (0x000000393d400000)
>        libc.so.6 => /lib64/libc.so.6 (0x000000393cc00000)
>        /lib64/ld-linux-x86-64.so.2 (0x000000393c800000)
>
> On the server where Syslog-NG is Not Working
>        linux-vdso.so.1 =>  (0x00007fffff1ff000)
>        libsyslog-ng.so.0 => /lib64/libsyslog-ng.so.0
> (0x00007f1e70904000)
>        libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f1e706eb000)
>        libgmodule-2.0.so.0 => /lib64/libgmodule-2.0.so.0
> (0x00007f1e704e7000)
>        libgthread-2.0.so.0 => /lib64/libgthread-2.0.so.0
> (0x00007f1e702e3000)
>        librt.so.1 => /lib64/librt.so.1 (0x00007f1e700db000)
>        libglib-2.0.so.0 => /lib64/libglib-2.0.so.0
> (0x00007f1e6fdf4000)
>        libevtlog.so.0 => /lib64/libevtlog.so.0 (0x00007f1e6fbf0000)
>        libpcre.so.0 => /lib64/libpcre.so.0 (0x00007f1e6f9c4000)
>        libdl.so.2 => /lib64/libdl.so.2 (0x00007f1e6f7bf000)
>        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f1e6f5a3000)
>        libc.so.6 => /lib64/libc.so.6 (0x00007f1e6f202000)
>        /lib64/ld-linux-x86-64.so.2 (0x00007f1e70b75000)
>
>
>
> Thank you!
>
> Jason Kojro-Badziak
> Monolith Software
> Staff Engineer
> 311 North 2nd Street, Suite #302
> St. Charles, IL 60174
> Office:  312-957-6470 x3010
> Email:  jbadziak at monolith-software.com
>
> -----Original Message-----
> From: syslog-ng-bounces at lists.balabit.hu
> [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Lay, James
> Sent: Tuesday, May 15, 2012 3:49 PM
> To: Syslog-ng users' and developers' mailing list
> Subject: Re: [syslog-ng] issue during start up
>
> Hello all:
>
> I am afraid I am having another issue which I would like some help with.  When I try to start syslog-ng, I am getting this error:
>
>                 Starting syslog-ng: Error initializing raw socket, 
> spoof-source support disabled;
>
> Syslog-ng then starts, but it doesn't appear to be forwarding messages.  This is extremely strange as I have syslog-ng installed and running with the exact same config file on another system without any issues.
>
> I am sure the problem is that I'm an idiot, but I would greatly appreciate any help with the error I am having.
>
> Thank you!
>
>
>
>
> Try doing a:
>
> ldd `which syslog-ng`
>
> on both boxes....see if they are different.
>
> James
> ______________________________________________________________________
> ________ Member info: 
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: 
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
> ______________________________________________________________________
> ________ Member info: 
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: 
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq