On 20.12.16 13:47, Stuart Henderson wrote:
On 2016-12-17, Remi Locherer <remi.loche...@relo.ch> wrote:
On December 17, 2016 12:07:18 PM GMT+01:00, Federico Donati
<nix.b...@gmail.com> wrote:
Hi all,
I've a problem with an OpenBSD 6.0 box with rsyslog.
I need to send every local logs to a remote server and I can't use
syslogd, because it does not send the hostname of the server (the one
indicated in /etc/myname), but on the remote server messages come with
the PTR record of my public ip.
have you tried -h for syslogd from base?
Yep this is the easy way.
I've installed rsyslogd, but it doesn't send anything to the remote
server. And more than that, it doesn't write anything local.
Since 5.6, OpenBSD uses a special sendsyslog(2) system call for
logging. This avoids the need for a device node and available file
descriptor, which helps with chrooted programs, or if someone is
able to cause too many FDs to be opened in an attempt to prevent
logging from working.
It needs a syslogd that is able to receive these messages. It's a
fairly simple change (see src/usr.sbin/syslogd/syslogd.c r1.111)
but afaik none of the third-party log daemons support it yet.
It's quite likely that diffs to add support for this to other
daemons would be accepted for ports, maybe upstreams would accept
them too.
Workaround for this without modifying the syslog daemon:
- run normal OpenBSD syslogd in addition to the other daemon
- have the other syslog daemon bind to a specific IP address
- have OpenBSD syslogd feed the other daemon using a network socket
Or, do not run anything else then syslogd. Seriously, I can't thought
off any case where
that wouldn't be enough.
