Linux on 390 Port <[email protected]> wrote on 05/12/2008 01:27:22 PM:

> >>> On Mon, May 12, 2008 at  2:20 PM, in message
> <[EMAIL PROTECTED]>,
> James Melin <[EMAIL PROTECTED]> wrote:
> -snip-
> > I am seeing a file by syslogd on /dev/tty7 in the lsof output
> >
> > syslogd   13827    root    3u  FIFO               94,1               28707
> > /dev/xconsole
> > syslogd   13827    root   21w   REG               94,1 91442612      29065
> > /dev/tty7
> > syslogd   13827    root   22w   REG               94,1 91442612      29065
> > /dev/tty7
> > syslogd   13827    root   23w   REG               94,1 91442612      29065
> > /dev/tty7
>
> That looks like your problem.  The "REG" says that it is a "regular
> file" when it should be "CHR."  What distribution is this?  I know
> that syslogd isn't a userid shipped with SLES9 or SLES10.

This is a SLES-9 system running Tivoli Workload Scheduler Job Scheduling 
Console. Basically WebSphere lite.

Back in the day, at the recommendation of the 'Lpar to virtual server' redbook,
I did the Bastille hardening, which appended this to syslog.conf:

############ BASTILLE ADDITIONS BELOW : #################
# Log warning and errors to the new file /var/log/syslog
*.warn;*.err    /var/log/syslog

# Log all kernel messages to the new file /var/log/kernel
kern.*  /var/log/kernel

# Log all logins to /var/log/loginlog
auth.*;user.*;daemon.none       /var/log/loginlog

# Log additional data to the Alt-F7 and Alt-F8 screens (Pseudo TTY 7 and 8)

*.info;mail.none;authpriv.none  /dev/tty7
authpriv.*      /dev/tty7
*.warn;*.err    /dev/tty7
kern.*  /dev/tty7
mail.*  /dev/tty8

*.*     /dev/tty12
########## BASTILLE ADDITIONS CONCLUDED : ###############

So this is clearly why syslog has /dev/tty7, 8 and 12 allocated.

The problem exists on the golden master structure on my cloning system and
every Linux derived from it, so I suspect the damage was done a long time
ago, back when I knew considerably less than I do now.

The tty files in question all look similar to this:

crw-rw-rw-  1 root root   5,   0 Oct 12  2006 tty
-rw-r--r--  1 root root 35849124 May 12 13:28 tty12
-rw-r--r--  1 root root 91443630 May 12 13:28 tty7
-rw-r--r--  1 root root    19152 May  2 12:12 tty8
crw-rw----  1 root tty    4,  64 May  2 12:13 ttyS0
crw-rw----  1 root tty    4,  65 May 24  2005 ttyS1

The question is... how do I re-create these device entries so that they are not
regular files anymore?



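An added example, not part of the original message or thread: a shell check that reads the /dev targets out of a syslog.conf-style file and reports whether each one is a character device, a FIFO, a regular file, or missing, which is the condition the lsof and ls output above shows for tty7, tty8 and tty12. The function name `check_syslog_dev_targets` and its optional ROOT argument are hypothetical, and the sample configuration and scratch tree are constructed.

```shell
#!/bin/sh
# Added example (not from the original thread).
# check_syslog_dev_targets CONF [ROOT]
#   CONF: path to a syslog.conf-style file
#   ROOT: optional prefix prepended to each target (hypothetical; lets the check
#         run against a mounted cloning master or offline image). Default: empty.
# Prints "<TYPE> <target>" for each distinct /dev target.
# Returns 1 if any target is a regular file or does not exist, else 0.
check_syslog_dev_targets() {
    conf=$1
    root=${2:-}
    bad=0
    # The action is the last whitespace-separated field of a rule line.
    # A leading "-" (no sync) or "|" (named pipe) on the action is stripped.
    targets=$(awk '!/^[ \t]*#/ && NF >= 2 {
                       a = $NF; sub(/^[-|]/, "", a)
                       if (a ~ /^\/dev\//) print a
                   }' "$conf" | sort -u)
    for tgt in $targets; do
        p="$root$tgt"
        if   [ -c "$p" ]; then kind=CHR
        elif [ -p "$p" ]; then kind=FIFO
        elif [ -f "$p" ]; then kind=REG; bad=1      # log data is piling up in /dev
        elif [ -e "$p" ]; then kind=OTHER
        else                   kind=MISSING; bad=1  # syslogd would create a regular file here
        fi
        echo "$kind $tgt"
    done
    return $bad
}

# Constructed sample: three rules shaped like the Bastille additions, checked
# against a scratch tree in which tty7 is a regular file and tty8 is absent.
demo=$(mktemp -d)
mkdir "$demo/dev"
: > "$demo/dev/tty7"
printf '%s\n' '*.info;mail.none;authpriv.none  /dev/tty7' \
              'kern.*  /dev/tty7' \
              'mail.*  /dev/tty8' > "$demo/syslog.conf"
check_syslog_dev_targets "$demo/syslog.conf" "$demo" || echo "non-device targets found"
rm -rf "$demo"
```

Running it with only the configuration path checks the live /dev of the current system; a non-zero return means at least one target would be written as an ordinary file.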