syslog-ng not logging
Jeffrey Goldberg
jeffrey at goldmark.org
Thu Dec 27 10:20:04 PST 2007
On Dec 27, 2007, at 10:40 AM, Peter Boosten wrote:
> Quoting Jeffrey Goldberg <jeffrey at goldmark.org>:
>
>> Is there any reason not to simply do a
>>
>> cd /var/log
>> chown -R daemon .
>
> I think (but I'm not sure) that permissions will be reversed by mtree.
This is the first I've heard of mtree. I just looked mtree(8), but I
take it that mtree is run periodically somehow to "fix" things. Do
you know where?
I can always keep my logs in some place other than /var/log if this is
an issue.
>> also
>>
>> chown daemon /dev/console
>
> Won't work either. *if* you're going to do that you should alter /
> etc/devfs.conf
More things to learn. I'm not really concerned about logging to
console anyway, as the machine will run headless most of the time.
>> Will log rotation preserve daemon ownership?
>
> Never used the *traditional* log style with syslog-ng, I stored
> everything per day/month/year/server.
I'm doing that for hosts that this is the remote syslod server for.
I'm using
/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY-$YEAR$MONTH$DAY"
for everything coming from the udp source. I suppose I could just add
"localhost" under HOSTS to do a similar destination for everything
else, though there I would probably have FACILITY be the major
categorization
> I ended up running syslog-ng as root, which is probably a bad idea
> as well, so I cannot give you any advice on this one.
It sounds like using something other than /var/log for a destination
makes the most sense.
I won't promise anything, but if I get to grok this all better, I'll
submit a pr for syslog-ng which includes a pkg-message and a FreeBSD
README. (I had to look in the startup script for instructions on how
to enable syslog-ng).
Cheers,
-j
More information about the freebsd-questions
mailing list