[syslog-ng] issue during start up
Jason Kojro-Badziak
jbadziak at monolith-software.com
Wed May 16 17:20:47 CEST 2012
Hello all:
Just to follow up, it appears that selinux was my issue as Syslog-NG appears to be working.
Thank you!
Jason Kojro-Badziak
Monolith Software
Staff Engineer
311 North 2nd Street, Suite #302
St. Charles, IL 60174
Office: 312-957-6470 x3010
Email: jbadziak at monolith-software.com
-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Jason Kojro-Badziak
Sent: Tuesday, May 15, 2012 4:45 PM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] issue during start up
Hello Sandor:
Sadly, I am not sure what version I have installed on the system where it is currently working. Is there a command or a place where I can check what version is installed?
On the newly installed system, I installed Syslog-NG via yum/epel, which has 3.2.5-3.el6 available for Centos 6.2.
However, thank you for the selinux tip! I disabled it on the new system, and it appears to be functional, but I will have to do some more testing to make sure.
Thank you!
Jason Kojro-Badziak
Monolith Software
Staff Engineer
311 North 2nd Street, Suite #302
St. Charles, IL 60174
Office: 312-957-6470 x3010
Email: jbadziak at monolith-software.com
-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Sandor Geller
Sent: Tuesday, May 15, 2012 4:10 PM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] issue during start up
Hi,
Which syslog-ng version are you using? Do you have any security-related stuff (apparmor, SElinux) active which could drop the CAP_NET_RAW capability?
Regards,
Sandor
On Tue, May 15, 2012 at 5:00 PM, Jason Kojro-Badziak <jbadziak at monolith-software.com> wrote:
> Hi James:
>
> The results of the command you sent are different, and here they are:
>
> On the server where Syslog-NG is Working
> linux-vdso.so.1 => (0x00007fff0638f000)
> libsyslog-ng.so.0 => /lib64/libsyslog-ng.so.0
> (0x00007fc19ea8d000)
> libnsl.so.1 => /lib64/libnsl.so.1 (0x0000003940400000)
> libgmodule-2.0.so.0 => /lib64/libgmodule-2.0.so.0
> (0x00000038cd000000)
> libgthread-2.0.so.0 => /lib64/libgthread-2.0.so.0
> (0x000000393f000000)
> librt.so.1 => /lib64/librt.so.1 (0x000000393e000000)
> libglib-2.0.so.0 => /lib64/libglib-2.0.so.0
> (0x000000393e800000)
> libevtlog.so.0 => /lib64/libevtlog.so.0 (0x00007fc19e887000)
> libpcre.so.0 => /lib64/libpcre.so.0 (0x00007fc19e65b000)
> libdl.so.2 => /lib64/libdl.so.2 (0x00000034ab600000)
> libpthread.so.0 => /lib64/libpthread.so.0 (0x000000393d400000)
> libc.so.6 => /lib64/libc.so.6 (0x000000393cc00000)
> /lib64/ld-linux-x86-64.so.2 (0x000000393c800000)
>
> On the server where Syslog-NG is Not Working
> linux-vdso.so.1 => (0x00007fffff1ff000)
> libsyslog-ng.so.0 => /lib64/libsyslog-ng.so.0
> (0x00007f1e70904000)
> libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f1e706eb000)
> libgmodule-2.0.so.0 => /lib64/libgmodule-2.0.so.0
> (0x00007f1e704e7000)
> libgthread-2.0.so.0 => /lib64/libgthread-2.0.so.0
> (0x00007f1e702e3000)
> librt.so.1 => /lib64/librt.so.1 (0x00007f1e700db000)
> libglib-2.0.so.0 => /lib64/libglib-2.0.so.0
> (0x00007f1e6fdf4000)
> libevtlog.so.0 => /lib64/libevtlog.so.0 (0x00007f1e6fbf0000)
> libpcre.so.0 => /lib64/libpcre.so.0 (0x00007f1e6f9c4000)
> libdl.so.2 => /lib64/libdl.so.2 (0x00007f1e6f7bf000)
> libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f1e6f5a3000)
> libc.so.6 => /lib64/libc.so.6 (0x00007f1e6f202000)
> /lib64/ld-linux-x86-64.so.2 (0x00007f1e70b75000)
>
>
>
> Thank you!
>
> Jason Kojro-Badziak
> Monolith Software
> Staff Engineer
> 311 North 2nd Street, Suite #302
> St. Charles, IL 60174
> Office: 312-957-6470 x3010
> Email: jbadziak at monolith-software.com
>
> -----Original Message-----
> From: syslog-ng-bounces at lists.balabit.hu
> [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Lay, James
> Sent: Tuesday, May 15, 2012 3:49 PM
> To: Syslog-ng users' and developers' mailing list
> Subject: Re: [syslog-ng] issue during start up
>
> Hello all:
>
> I am afraid I am having another issue which I would like some help with. When I try to start syslog-ng, I am getting this error:
>
> Starting syslog-ng: Error initializing raw socket,
> spoof-source support disabled;
>
> Syslog-ng then starts, but it doesn't appear to be forwarding messages. This is extremely strange as I have syslog-ng installed and running with the exact same config file on another system without any issues.
>
> I am sure the problem is that I'm an idiot, but I would greatly appreciate any help with the error I am having.
>
> Thank you!
>
>
>
>
> Try doing a:
>
> ldd `which syslog-ng`
>
> on both boxes....see if they are different.
>
> James
> ______________________________________________________________________
> ________ Member info:
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
> ______________________________________________________________________
> ________ Member info:
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
More information about the syslog-ng
mailing list