Fragments of kernel log text in "security run" message

Dan Nelson dnelson at allantgroup.com
Sun Aug 17 22:50:21 PDT 2003


In the last episode (Aug 17), Kris Kennaway said:
> On Sun, Aug 17, 2003 at 10:39:49PM -0400, Ralph Dratman wrote:
> 
> > Recently, though, I've been seeing small fragments of text in the 
> > "kernel log" portion of that report. This happens almost every day 
> > now. Following are a few examples. There is just one fragment per 
> > report.
> > ---------------------------------
> > kq9.net kernel log messages:
> > >copeid 0x4
> > 
> > kq9.net kernel log messages:
> > >8>.
> 
> I get this as well on RELENG_4...I wish I knew why.  Often it causes
> syslogd to log it at LOG_EMERG priority (=spams every logged in user
> with the truncated message).

I think this happens after the kernel's message buffer starts rolling
over.  The very first line in the dmesg output sometimes gets cut in
half, so diff prints it as a change block, and the security script
prints the "add" portion.  Maybe the check_diff function should remove
the first line of the dmesg output before doing the diff?

-- 
	Dan Nelson
	dnelson at allantgroup.com


More information about the freebsd-questions mailing list