On Friday 26 Dec 2014 23:33:33 Peter Humphrey wrote: > Hello list, > > For some time now I've had syslog-ng writing /var/log/messages in a binary > format: > > # file /var/log/messages > /var/log/messages: data > # grep syslog-ng /var/log/messages > Binary file /var/log/messages matches > > Yet: > > # head /var/log/messages > Dec 21 03:10:02 wstn run-crons[29014]: (root) CMD (/etc/cron.daily/man-db) > [...] > > Can I use the following method to restore the original text format of > /var/log/messages? > > 1. Boot rescue system and mount main system > 2. # cd /mnt/main/var/log > 3. # mv messages messages.bin > 4. # strings messages.bin > messages > 5. # rm messages.bin > 6. Reboot. > > I tried steps 1 - 4 and got a text file with very long lines, but I > chickened out before rebooting. > > It would be nice to find a config setting that's changed, but the change > log is silent and the admin guide gives me a headache :-(
I don't know if this is a matter of changing some setting a in a config file - I haven't found any yet. It seems that upon boot up some binary data is written in the otherwise plain text logs: Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8' Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8' Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8' Dec 22 10:15:21 ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset Dec 22 10:15:21 ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset Dec 22 10:15:21 ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ ^@^@^@^@^@^@^@^@^@^@ [snip ...] I don't know if this is caused by some systemd infection of our systems! LOL! If you use 'less -L /var/log/messages' or cat, then you will be able to view the logs in text format. If you need to grep stuff then you can use: grep --binary-files=text -i firewall /var/log/messages [snip ...] Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied ** Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied ** Be careful that using grep like this might cause your terminal to execute some of the binary output as a command (check the man page). -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
