Mike <deb...@good-with-numbers.com> writes: > This has sort of been mentioned earlier on this list. > > I noticed netfilter messages getting trashed in the various > /var/log/messages on a system with two containers, netfilter rules on > the host, and each container and the host running rsyslog. On closer > inspection, I realized that only every other character or so of the > message was appearing in a given log file. Disabling kernel logging in > the containers, by commenting out "$ModLoad imklog" in > /etc/rsyslog.conf, straightened out the log files.
Huh. I disabled that because (containers') rsyslog reported it couldn't read from the kernel log. Maybe you've accidentally left containers with read-access to arbitrary devices? # These are: null zero random urandom tty* tty console # ptmx pts/* rtc0 lxc.cgroup.devices.deny = a lxc.cgroup.devices.allow = c 1:3 rw lxc.cgroup.devices.allow = c 1:5 rw lxc.cgroup.devices.allow = c 1:8 rw lxc.cgroup.devices.allow = c 1:9 rw lxc.cgroup.devices.allow = c 4:* rw lxc.cgroup.devices.allow = c 5:0 rw lxc.cgroup.devices.allow = c 5:1 rw lxc.cgroup.devices.allow = c 5:2 rw lxc.cgroup.devices.allow = c 136:* rw lxc.cgroup.devices.allow = c 254:0 r And in the container, I configure rsyslog thusly: cat >/etc/dhcp3/dhclient-exit-hooks.d/lxc-postinst <<EOF case \$reason in BOUND|RENEW|REBIND|REBOOT) :;; *) return;; esac exec >/dev/console 2>&1 </dev/null rm -f /etc/dhcp3/dhclient-exit-hooks.d/lxc-postinst # delete self # [...] perl -p0 -i -e 's:(.|\\\n)*/dev/xconsole\$::' /etc/rsyslog.d/50-default.conf sed -i '/ModLoad imklog\|KLogPath/ s/^/#/' /etc/rsyslog.conf etckeeper commit "Suppress noise in logs." sed -i '/RSYSLOG_TraditionalFileFormat/ s/^/#/' /etc/rsyslog.conf cat >/etc/rsyslog.d/20-to-logserv.conf <<-EOT # Enable RFC 3339 (ns granularity) timestamps in CC'd logs. \\\$ActionForwardDefaultTemplate RSYSLOG_ForwardFormat # CC all logs to logserv. *.* @logserv EOT etckeeper commit "Enable RFC 3339 timestamps in logs." restart rsyslog # [...] EOF ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Lxc-users mailing list Lxcemail@example.com https://lists.sourceforge.net/lists/listinfo/lxc-users