[syslog-ng] "Illegal seek" with file("/proc/net/xt_recent/violators")
Evan Rempel
erempel at uvic.ca
Mon Sep 9 17:28:58 CEST 2013
Could the file be kept open but lseek(0) before each write, rather than
lseek("end") before each write?
Perhaps a flag to seek to the beginning (rewrite(true) ) would work as
a concept.
On 09/09/2013 01:37 AM, Valentijn Sessink wrote:
> On 07-09-13 16:12, Evan Rempel wrote:
>> Couldn't you just use flush_lines(1) for that destination?
>
> No, the problem is with the file (write-)pointer; the kernel source
> wants it to be 0, otherwise an error will occur.
>
> This means, in a nutshell, that you must open()-write()-close() the
> destination.
>
> flush_lines(1) doesn't do that.
>
> Something like "time_reap(0)" ("close destination file after 0 seconds")
> could do this theoretically, but I don't think bending the configuration
> this much is feasible...
>
> Best regards,
>
> Valentijn
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
--
Evan Rempel erempel at uvic.ca
Senior Systems Administrator 250.721.7691
Data Centre Services, University Systems, University of Victoria
More information about the syslog-ng
mailing list