So, I made some progress with disabling the Busybox syslog server (can’t remove it completely without removing Busybox, but I can disable it) and replacing it with syslog-ng (which I really like, BTW), but I’m experiencing some odd behavior with PDNS (only) writing to syslog:
If I start `/usr/sbin/pdns_recursor --daemon=no --write-pid=no --disable-syslog=no` manually from the command prompt (as root), it logs to syslog-ng perfectly. If I start it with `systemctl start pdns-recursor`, it does not log to syslog-ng no matter what I do. (I started syslog-ng in debug+verbose mode to be sure, and there are simply no messages being delivered into /dev/log from PDNS.) My first assumption was that this must be a permissions issue, but a quick check disproves that theory. First, /dev/log is world-writable already: # ls -al /dev/log srw-rw-rw- 1 root root 0 Nov 3 23:56 /dev/log Second, FreeRADIUS is also running as non-root started with `systemctl start freeradius`, but FreeRADIUS is logging to Syslog just fine with no issues: # ps axu|grep -P "(syslog|radius)" root 2524 0.0 0.1 8428 3276 ? Ss Nov03 0:00 /usr/sbin/syslog-ng -dv pdns 2541 1.9 0.4 42276 9640 ? Ssl Nov03 0:08 /usr/sbin/pdns_recursor --daemon=no --write-pid=no --disable-syslog=no freerad 2612 0.0 0.1 49672 3892 ? Ssl 00:05 0:00 /usr/sbin/freeradius root 2620 0.0 0.0 2648 544 pts/1 S+ 00:06 0:00 grep -P (syslog|radius) I am not having any other problems getting any other applications to log to syslog-ng. It’s just PDNS (Recursor … I’m not using Authoritative). :-/ :-/ :-/ Thoughts? > On Nov 3, 2017, at 3:26 AM, Brian Candler <[email protected]> wrote: > > On 02/11/2017 23:09, Nicholas Williams wrote: >> - Log to host:port > > You could install a "real" syslog server like syslog-ng or rsyslog, listening > on a different port (say 127.0.0.1:5140), and tell your Busybox syslog to > forward to that. Then you can do filtering based on facility and level (e.g. > set logging-facility=3 to log to facility "local3") > > It might be better simply to disable the Busybox syslog server (if you can > find where it's enabled in startup scripts) and run just the real one instead. > > Another option is to forward all your logs to another host anyway, to avoid > wear on the flash of your tiny host. _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
