Hi, On Mon, 7 Nov 2022 09:39:18 +0100 Andras Korn <korn-debb...@elan.rulez.org> wrote: > Hi, > > > the check could be just something like > > > > lsof /dev/log >/dev/null || exit 1 > > I think > > fuser /dev/log >/dev/null 2>/dev/null || exit 1 > > is more efficient, but there is a problem with both approaches: the > process that is listening on /dev/null may be invisible to us, > because it may be running in a different namespace.
Thanks for the above: I didn't thought about using this service inside a container (when the logger is outside) and I agree it's a nice to have extension (assuming that you mean listening on /dev/log, otherwise I fail to understand what you are talking about) > > The only way to reliably determine whether there is a Unix server > listening on the /dev/log socket is to try to connect to the socket. > > One approach I can think of is to use > > unixclient /dev/log /bin/true 2>&1 | grep -q '^connect: Protocol > wrong type for socket' || exit 1 > > This creates a SOCK_STREAM socket and tries to connect it to > /dev/log, which will fail with EPROTOTYPE if there is a listening > server (which will use SOCK_DGRAM) and with ECONNREFUSED if not. > > Using unixclient would introduce a semi-esoteric dependency on > ucspi-unix, but it's a tiny package which is a good match for the > runit ecosystem anyway, so maybe it's acceptable. > > A more mainstream but much more heavyweight approach would be to use > socat(1) or netcat-openbsd with the -U option. > > Alternatively, socklog provides its own socklog-check, which does > exactly what is necessary, but the whole point of trying to detect > whether *any* syslog daemon is running is to avoid having to install > a particular one like socklog, so we probably shouldn't use it. > > OTOH, it's such a tiny program, and so unlikely to require changes > ever, you might even ship (a copy of) it as part of the runit package. > I'm ok with ucspi-unix or socklog-check, but this can happen only after the bookworm release. A dependency on ucspi-unix would make runit uninstallable on several architectures ( where ucspi-unix fails to build because of missing dietlibc , see https://buildd.debian.org/status/package.php?p=ucspi-unix ). To ship a copy of socklog-check (maybe also tryto can be useful) I need to build it with runit source, I think it's feasible but I need to play with those old style makefile, it takes time. For now I'm going to use fuser and keep the old code as fallback: it will be an improvement for users that have psmisc installed, and no regression for others. This bug can probably renamed as "default-syslog: useless inside a container", right ? Lorenzo
