Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Micheal Patterson 


- Original Message - 
From: Matt Cyber Dog LaPlante [EMAIL PROTECTED]
To: 'Matthew Seaman' [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Saturday, May 15, 2004 12:34 PM
Subject: RE: FreeBSD 4.7 Syslogs


 I tried the logger command, but it didn't reach the messages file (which
is
 still empty).  Here is the output from the syslogd -d command:

 syslogd: bind: Address already in use
 logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already in use
 Logging to CONSOLE /dev/console
 syslogd: bind: Address already in use
 logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already in use
 Logging to CONSOLE /dev/console
 can't open /dev/klog (16)

snip

Something is listening already on port 514 and syslogd is complaining about
that. Do a sockstat |grep 514 and see what's sitting on that port. Also,
can't open /dev/klog (16) is another problem. That device is the kernel
log device so syslog can see kernel messages. Syslog may not be too happy
about that either.  You might check and see if you have a klog in /dev

--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Micheal Patterson 




- Original Message - 
From: Matt Cyber Dog LaPlante [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, May 15, 2004 3:38 PM
Subject: RE: FreeBSD 4.7 Syslogs


snip

You've got a pretty high number of max logs with pretty hefty file size
limits. What's a df -k show on that system?

--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Micheal Patterson 



- Original Message - 
From: JJB [EMAIL PROTECTED]
To: Matt Cyber Dog LaPlante [EMAIL PROTECTED]; 'Matthew
Seaman' [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Saturday, May 15, 2004 3:04 PM
Subject: RE: FreeBSD 4.7 Syslogs


 Well since you are new to FBSD and since the syslogd -d commands
 shows that you do not have logging specified in /etc/syslog.conf for
 the messages file. You just do not know what you are looking at. Who
 ever was sysadmin before you probably  commented it out for what
 ever reason.

 By the way I tried using the logger command on my 4.9 system and it
 did not write any messages at all. So it is no help in debugging
 this problem. I read the man logger info and as usual the man page
 is useless. Who ever writes those must work real hard at writing
 sentences that convey no meanings.

Logger works just fine if you know how to use it and are running it as root
and is a good tool for working with syslog problems. The man pages tell you
quite a bit about provided you can interpret them effectively.

man logger:

logger [-46Ais] [-f file] [-h host] [-p pri] [-t tag] [message ...]

-p pri  Enter the message with the specified priority.  The priority may
 be specified numerically or as a ``facility.level'' pair.  For
 example, ``-p local3.info'' logs the message(s) as
informational
 level in the local3 facility.  The default is ``user.notice.''


man syslogd will give you a list of all priorities and facilities.

Priorities:

LOG_EMERG A panic condition.  This is normally broadcast to all
   users.

LOG_ALERT A condition that should be corrected immediately, such as a
   corrupted system database.

LOG_CRIT  Critical conditions, e.g., hard device errors.
LOG_ERR   Errors.
LOG_WARNING   Warning messages.
LOG_NOTICEConditions that are not error conditions, but should possi-
   bly be handled specially.
LOG_INFO  Informational messages.
LOG_DEBUG Messages that contain information normally of use only when
   debugging a program.

Facilities:

LOG_AUTH  The authorization system: login(1), su(1), getty(8), etc.
LOG_AUTHPRIV  The same as LOG_AUTH, but logged to a file readable only by
   selected individuals.
LOG_CONSOLE   Messages written to /dev/console by the kernel console out-
   put driver.
LOG_CRON  The cron daemon: cron(8).
LOG_DAEMONSystem daemons, such as routed(8), that are not provided
   for explicitly by other facilities.
LOG_FTP   The file transfer protocol daemons: ftpd(8), tftpd(8).
LOG_KERN  Messages generated by the kernel.  These cannot be gener-
   ated by any user processes.
LOG_LPR   The line printer spooling system: lpr(1), lpc(8), lpd(8),
   etc.
LOG_MAIL  The mail system.
LOG_NEWS  The network news system.
LOG_SECURITY  Security subsystems, such as ipfw(4).
LOG_SYSLOGMessages generated internally by syslogd(8).
LOG_USER  Messages generated by random user processes.  This is the
   default facility identifier if none is specified.
LOG_UUCP  The uucp system.
LOG_LOCAL0Reserved for local use.  Similarly for LOG_LOCAL1 through
   LOG_LOCAL7.

So, you have facilities of auth, authpriv, console, cron, daemon, ftp, kern,
lpr, mail, news, security, syslog, user, uucp, local0 - local7 and you have
priorities of: emerg, alert, crit, err, warning, notice, info and debug

So, by doing the command logger -p facility.priority message like so:

logger -p security.notice This is a test of security.notice

You get this in your security log which is default to /var/log/security

May 16 03:24:14 router /kernel: ipfw: 65000 Deny TCP 222.90.22.52:4267
68.227.96.223:65506 in via ep0
May 16 03:30:03 router micheal: This is a test of security.notice

If you're running syslogd -d you'll see exactly what was sent to syslogd and
where it was placed:

logmsg: pri 155, flags 0, from router, msg May 16 04:01:04 micheal: This is
a test of security.notice
Logging to FILE /var/log/messages
Logging to CONSOLE /dev/console
Logging to FILE /var/log/security
logmsg: pri 166, flags 17, from router, msg May 16 04:01:04 router micheal:
This is a test of security.notice

As you can see, I have *.notice going to messages and security.* to security
and /dev/console.


--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.


___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread Sunil Sunder Raj 
Hi,
Just give 777 permissions to /var/log/messages
Regards
SSR

From: Matt \Cyber Dog\ LaPlante [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs
Date: Sat, 15 May 2004 16:38:54 -0400
/var/run/dmesg.boot:

Copyright (c) 1992-2002 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.7-RELEASE-p15 #2: Sat Sep 27 11:04:10 EDT 2003
Timecounter i8254  frequency 1193182 Hz
CPU: Pentium III/Pentium III Xeon/Celeron (1004.52-MHz 686-class CPU)
  Origin = GenuineIntel  Id = 0x68a  Stepping = 10
Features=0x383fbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,
CMOV,PAT,PSE36,MMX,FXSR,SSE
real memory  = 2147467264 (2097136K bytes)
config di sn0
No such device: sn0
Invalid command or syntax.  Type `?' for help.
config di lnc0
No such device: lnc0
Invalid command or syntax.  Type `?' for help.
config di ie0
No such device: ie0
Invalid command or syntax.  Type `?' for help.
config di fe0
No such device: fe0
Invalid command or syntax.  Type `?' for help.
config di ed0
No such device: ed0
Invalid command or syntax.  Type `?' for help.
config di cs0
No such device: cs0
Invalid command or syntax.  Type `?' for help.
config q
avail memory = 2087624704 (2038696K bytes)
Programming 24 pins in IOAPIC #0
IOAPIC #0 intpin 2 - irq 0
FreeBSD/SMP: Multiprocessor motherboard
 cpu0 (BSP): apic id:  3, version: 0x00040011, at 0xfee0
 cpu1 (AP):  apic id:  0, version: 0x00040011, at 0xfee0
 io0 (APIC): apic id:  2, version: 0x00178011, at 0xfec0
Preloaded elf kernel kernel at 0xc03d1000.
Preloaded userconfig_script /boot/kernel.conf at 0xc03d109c.
netsmb_dev: loaded
Pentium Pro MTRR support enabled
md0: Malloc disk
Using $PIR table, 7 entries at 0xc00f12d0
npx0: math processor on motherboard
npx0: INT 16 interface
pcib0: Host to PCI bridge on motherboard
IOAPIC #0 intpin 18 - irq 2
IOAPIC #0 intpin 16 - irq 4
IOAPIC #0 intpin 19 - irq 10
pci0: PCI bus on pcib0
agp0: VIA 82C691 (Apollo Pro) host to PCI bridge mem 
0xfc00-0xfdff
at device 0.0 on pci0
pcib2: VIA 82C598MVP (Apollo MVP3) PCI-PCI (AGP) bridge at device 1.0 on
pci0
pci1: PCI bus on pcib2
isab0: VIA 82C686 PCI-ISA bridge at device 4.0 on pci0
isa0: ISA bus on isab0
atapci0: VIA 82C686 ATA100 controller port 0xd800-0xd80f at device 4.1 on
pci0
ata0: at 0x1f0 irq 14 on atapci0
ata1: at 0x170 irq 15 on atapci0
pci0: VIA 83C572 USB controller at 4.2 irq 2
pci0: VIA 83C572 USB controller at 4.3 irq 2
pci0: unknown card (vendor=0x1106, dev=0x3057) at 4.4
xl0: 3Com 3c905C-TX Fast Etherlink XL port 0xb800-0xb87f mem
0xef00-0xef7f irq 2 at device 10.0 on pci0
xl0: Ethernet address: 00:04:75:72:64:cb
miibus0: MII bus on xl0
ukphy0: Generic IEEE 802.3u media interface on miibus0
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
pci0: S3 Savage 4 graphics accelerator at 12.0 irq 4
twe0: 3ware Storage Controller port 0xb400-0xb40f mem
0xed80-0xedff,0xee00-0xee0f irq 10 at device 13.0 on pci0
twe0: 4 ports, Firmware FE7X 1.03.09.027, BIOS BE7X 1.07.02.002
pcib1: Host to PCI bridge on motherboard
pci2: PCI bus on pcib1
orm0: Option ROMs at iomem 0xc-0xcafff,0xcc000-0xccfff on isa0
fdc0: NEC 72065B or clone at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
fdc0: FIFO enabled, 8 bytes threshold
fd0: 1440-KB 3.5 drive on fdc0 drive 0
atkbdc0: Keyboard controller (i8042) at port 0x60,0x64 on isa0
atkbd0: AT Keyboard flags 0x1 irq 1 on atkbdc0
kbd0 at atkbd0
psm0: PS/2 Mouse irq 12 on atkbdc0
psm0: model IntelliMouse, device ID 3
vga0: Generic ISA VGA at port 0x3c0-0x3df iomem 0xa-0xb on isa0
sc0: System console at flags 0x100 on isa0
sc0: VGA 16 virtual consoles, flags=0x300
sio0: configured irq 4 not in bitmap of probed irqs 0
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 8250
sio1: configured irq 3 not in bitmap of probed irqs 0
ppc0: parallel port not found.
APIC_IO: Testing 8254 interrupt delivery
APIC_IO: routing 8254 via IOAPIC #0 intpin 2
SMP: AP CPU #1 Launched!
ad0: 39266MB IC35L040AVER07-0 [79780/16/63] at ata0-master UDMA100
ad2: 117246MB Maxtor 4G120J6 [238216/16/63] at ata1-master UDMA100
twed0: TwinStor, Normal on twe0
twed0: 95395MB (195369520 sectors)
twe0: command interrupt
Mounting root from ufs:/dev/ad0s1a

/etc/rc.conf:

# -- sysinstall generated deltas -- # Wed Apr  3 17:02:40 2002
# Created: Wed Apr  3 17:02:40 2002
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
kern_securelevel_enable=NO
linux_enable=YES
moused_type=auto
nfs_reserved_port_only=YES
saver=logo
sshd_enable=YES

# use ssh from openssh port instead of default
sshd_program

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Shaun T. Erickson 
Sunil Sunder Raj wrote:
Just give 777 permissions to /var/log/messages
This is BAD advice, and you should NOT follow it. If you do, you will 
give anyone the ability to modify or delete your log entries, which yoou 
do NOT want. Find and fix the actual problem; don't bypass the symptom 
with something that reduces system security.

-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Mark 
Sunil Sunder Raj wrote:

 Hi,
 Just give 777 permissions to /var/log/messages

With all due respect, but that is rather bad advice. I have been running syslog on 
FreeBSD 4.7R for years, without problem; and never ever did I have to resort to making 
/var/log/messages world-writeable. Besides, that is totally unnecessary too: syslogd 
runs as root, so only root needs write permissions (and, since it is root, probably 
not even that).

You can run syslogd like this:

/usr/sbin/syslogd -s

Or something like:

/usr/sbin/syslogd -a 192.168.6.0/24

if you need to log from remote machines. Your /etc/syslog.conf should look something 
like this:


*.err;kern.debug;mail.crit  /var/log/messages
*.notice;lpr.info;news.err  /var/log/messages
security.*  /var/log/security
mail.info   /var/log/maillog


Cheers,

- Mark

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Sunil Sunder Raj 
Hi,
I did not mean to change the permissions to 777 permanently. Just to come to 
a conclusion on whether it is a permission problem. As 90% unix problems are 
related to permissions.

Regards
SSR

From: Shaun T. Erickson [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: FreeBSD 4.7 Syslogs
Date: Sun, 16 May 2004 09:47:01 -0400
Sunil Sunder Raj wrote:
Just give 777 permissions to /var/log/messages
This is BAD advice, and you should NOT follow it. If you do, you will give 
anyone the ability to modify or delete your log entries, which yoou do NOT 
want. Find and fix the actual problem; don't bypass the symptom with 
something that reduces system security.

	-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
[EMAIL PROTECTED]
_
Is your PC infected? Get a FREE online computer virus scan from McAfee® 
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Shaun T. Erickson 
Sunil Sunder Raj wrote:
Hi,
I did not mean to change the permissions to 777 permanently. Just to 
come to a conclusion on whether it is a permission problem. As 90% unix 
problems are related to permissions.
Then you should have said so. But you did not - you simply told an 
admitted noob to set the permissions to 777, without any explanation. 
He might have done that, and if it had fixed his problem, he might have 
left it that way, thinking everything was solved - but with his logfile 
open to attack.

Please think about the advice you give, and whom you are giving it to, 
before you give it.

-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread JJB 
Thanks for the additional info.

I tested using this  logger -p lpr.err  test test
There is no error message about logger not working.

And I get nothing in the /var/log/lpr-errs log file.

syslogd -d  shows nothing happening.

I am running 4.9. virgin install so all the config files are there.

This is so simple that the only conclusion is that it's broken in
4.x versions.

Can any one verify that it's working in 4.x versions.

Any ideas of suggestions of how to proceed to get the logger command
working?

-Original Message-
From: Micheal Patterson [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 16, 2004 5:04 AM
To: Matt Cyber Dog LaPlante; 'Matthew Seaman';
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: FreeBSD 4.7 Syslogs



- Original Message -
From: JJB [EMAIL PROTECTED]
To: Matt Cyber Dog LaPlante [EMAIL PROTECTED];
'Matthew
Seaman' [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Saturday, May 15, 2004 3:04 PM
Subject: RE: FreeBSD 4.7 Syslogs


 Well since you are new to FBSD and since the syslogd -d commands
 shows that you do not have logging specified in /etc/syslog.conf
for
 the messages file. You just do not know what you are looking at.
Who
 ever was sysadmin before you probably  commented it out for what
 ever reason.

 By the way I tried using the logger command on my 4.9 system and
it
 did not write any messages at all. So it is no help in debugging
 this problem. I read the man logger info and as usual the man page
 is useless. Who ever writes those must work real hard at writing
 sentences that convey no meanings.

Logger works just fine if you know how to use it and are running it
as root
and is a good tool for working with syslog problems. The man pages
tell you
quite a bit about provided you can interpret them effectively.

man logger:

logger [-46Ais] [-f file] [-h host] [-p pri] [-t tag] [message ...]

-p pri  Enter the message with the specified priority.  The priority
may
 be specified numerically or as a ``facility.level''
pair.  For
 example, ``-p local3.info'' logs the message(s) as
informational
 level in the local3 facility.  The default is
``user.notice.''


man syslogd will give you a list of all priorities and facilities.

Priorities:

LOG_EMERG A panic condition.  This is normally broadcast to all
   users.

LOG_ALERT A condition that should be corrected immediately, such
as a
   corrupted system database.

LOG_CRIT  Critical conditions, e.g., hard device errors.
LOG_ERR   Errors.
LOG_WARNING   Warning messages.
LOG_NOTICEConditions that are not error conditions, but should
possi-
   bly be handled specially.
LOG_INFO  Informational messages.
LOG_DEBUG Messages that contain information normally of use only
when
   debugging a program.

Facilities:

LOG_AUTH  The authorization system: login(1), su(1), getty(8),
etc.
LOG_AUTHPRIV  The same as LOG_AUTH, but logged to a file readable
only by
   selected individuals.
LOG_CONSOLE   Messages written to /dev/console by the kernel console
out-
   put driver.
LOG_CRON  The cron daemon: cron(8).
LOG_DAEMONSystem daemons, such as routed(8), that are not
provided
   for explicitly by other facilities.
LOG_FTP   The file transfer protocol daemons: ftpd(8), tftpd(8).
LOG_KERN  Messages generated by the kernel.  These cannot be
gener-
   ated by any user processes.
LOG_LPR   The line printer spooling system: lpr(1), lpc(8),
lpd(8),
   etc.
LOG_MAIL  The mail system.
LOG_NEWS  The network news system.
LOG_SECURITY  Security subsystems, such as ipfw(4).
LOG_SYSLOGMessages generated internally by syslogd(8).
LOG_USER  Messages generated by random user processes.  This is
the
   default facility identifier if none is specified.
LOG_UUCP  The uucp system.
LOG_LOCAL0Reserved for local use.  Similarly for LOG_LOCAL1
through
   LOG_LOCAL7.

So, you have facilities of auth, authpriv, console, cron, daemon,
ftp, kern,
lpr, mail, news, security, syslog, user, uucp, local0 - local7 and
you have
priorities of: emerg, alert, crit, err, warning, notice, info and
debug

So, by doing the command logger -p facility.priority message
like so:

logger -p security.notice This is a test of security.notice

You get this in your security log which is default to
/var/log/security

May 16 03:24:14 router /kernel: ipfw: 65000 Deny TCP
222.90.22.52:4267
68.227.96.223:65506 in via ep0
May 16 03:30:03 router micheal: This is a test of security.notice

If you're running syslogd -d you'll see exactly what was sent to
syslogd and
where it was placed:

logmsg: pri 155, flags 0, from router, msg May 16 04:01:04 micheal:
This is
a test of security.notice
Logging to FILE /var/log/messages
Logging to CONSOLE /dev/console
Logging to FILE /var/log/security
logmsg: pri 166, flags 17, from

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread Warren Block 
On Sun, 16 May 2004, JJB wrote:

 Thanks for the additional info.

 I tested using this  logger -p lpr.err  test test
 There is no error message about logger not working.

 And I get nothing in the /var/log/lpr-errs log file.

That would be /var/log/lpd-errs.

 This is so simple that the only conclusion is that it's broken in
 4.x versions.

That's a pretty big conclusion from a small test.  Like the old my
program doesn't work, so it must be a bug in the compiler jump.  You
are just looking for results in the wrong place.  It's also possible
that you have syslog set to not log that type of error.

 Can any one verify that it's working in 4.x versions.

It works.

-Warren Block * Rapid City, South Dakota USA
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread JJB 
So I have an typo in my post.
I did look in /var/log/lpd-errs and it's  empty.

Any help as what to do to figure this out?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Warren
Block
Sent: Sunday, May 16, 2004 11:01 AM
To: JJB
Cc: Micheal Patterson; [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

On Sun, 16 May 2004, JJB wrote:

 Thanks for the additional info.

 I tested using this  logger -p lpr.err  test test
 There is no error message about logger not working.

 And I get nothing in the /var/log/lpr-errs log file.

That would be /var/log/lpd-errs.

 This is so simple that the only conclusion is that it's broken in
 4.x versions.

That's a pretty big conclusion from a small test.  Like the old my
program doesn't work, so it must be a bug in the compiler jump.
You
are just looking for results in the wrong place.  It's also possible
that you have syslog set to not log that type of error.

 Can any one verify that it's working in 4.x versions.

It works.

-Warren Block * Rapid City, South Dakota USA
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread JJB 
Replying to my own post.

I had tried kill -HUP xxx where xxx was the pid number of syslog
task
And still logger did not work

When an task is HUPed does that change the task number? Or is the
task just signaled to re-init it's self?

Rebooted system and logger works as documented now.
Have no idea why it was hosed, but working now and that is all that
matters.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of JJB
Sent: Sunday, May 16, 2004 11:14 AM
To: Warren Block
Cc: Micheal Patterson; [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

So I have an typo in my post.
I did look in /var/log/lpd-errs and it's  empty.

Any help as what to do to figure this out?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Warren
Block
Sent: Sunday, May 16, 2004 11:01 AM
To: JJB
Cc: Micheal Patterson; [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

On Sun, 16 May 2004, JJB wrote:

 Thanks for the additional info.

 I tested using this  logger -p lpr.err  test test
 There is no error message about logger not working.

 And I get nothing in the /var/log/lpr-errs log file.

That would be /var/log/lpd-errs.

 This is so simple that the only conclusion is that it's broken in
 4.x versions.

That's a pretty big conclusion from a small test.  Like the old my
program doesn't work, so it must be a bug in the compiler jump.
You
are just looking for results in the wrong place.  It's also possible
that you have syslog set to not log that type of error.

 Can any one verify that it's working in 4.x versions.

It works.

-Warren Block * Rapid City, South Dakota USA
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 4.7 Syslogs

2004-05-16 Thread Micheal Patterson 


- Original Message - 
From: JJB [EMAIL PROTECTED]
To: Micheal Patterson [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Sunday, May 16, 2004 9:37 AM
Subject: RE: FreeBSD 4.7 Syslogs


 Thanks for the additional info.

 I tested using this  logger -p lpr.err  test test
 There is no error message about logger not working.

 And I get nothing in the /var/log/lpr-errs log file.

 syslogd -d  shows nothing happening.

 I am running 4.9. virgin install so all the config files are there.

 This is so simple that the only conclusion is that it's broken in
 4.x versions.

 Can any one verify that it's working in 4.x versions.

 Any ideas of suggestions of how to proceed to get the logger command
 working?

 -Original Message-
 From: Micheal Patterson [mailto:[EMAIL PROTECTED]
 Sent: Sunday, May 16, 2004 5:04 AM
 To: Matt Cyber Dog LaPlante; 'Matthew Seaman';
 [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: Re: FreeBSD 4.7 Syslogs



Yes, I can verify that it's working in FreeBSD 4.7, 4.9 and 4.10 RC2


FreeBSD tsgrtr.tsgincorporated.com 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Sat
Apr 12 15:42:55 CDT 2003
[EMAIL PROTECTED]:/usr/src/sys/compile/LANDMARK  i386

Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
Logging to FILE /var/log/lpd-errs
Logging to FILE /var/log/all.log
logmsg: pri 166, flags 17, from tsgrtr, msg May 16 14:38:58 tsgrtr micheal:
test test


FreeBSD router.rcservers.com 4.9-STABLE FreeBSD 4.9-STABLE #3: Sun Mar 28
20:16:07 CST 2004
[EMAIL PROTECTED]:/usr/src/sys/compile/ROUTER  i386


Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
Logging to FILE /var/log/lpd-errs
logmsg: pri 166, flags 17, from router, msg May 16 14:37:32 router micheal:
test test
---

FreeBSD fmswfw.firstmedok.com 4.10-RC2 FreeBSD 4.10-RC2 #1: Thu May 13
15:54:10 CDT 2004
root@:/usr/src/sys/compile/FMFW3  i386

Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
Logging to FILE /var/log/lpd-errs
logmsg: pri 166, flags 17, from fmswfw, msg May 16 14:43:22 fmswfw micheal:
test test

I start syslogd with -s -c -c normally and -s -c -c -d while I was debugging
so I don't get the message repeated x number of times entries in my logs
as I have a need to see each entry in the logs.

--

Micheal Patterson
TSG Network Administration
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: FreeBSD 4.7 Syslogs

2004-05-16 Thread Cyber Dog 
Well, I guess we'll have to chalk this one up to forces of nature.  I
replaced the old syslog.conf with:

# $FreeBSD: src/etc/syslog.conf,v 1.13.2.2 2001/02/26 09:26:11 phk Exp $
#
#   Spaces are NOT valid field separators in this file.
#   Consult the syslog.conf(5) manpage.

# Purchasing database syslog

local7.notice/var/log/purchasing

# Postgres syslog

local0.*/var/log/postgres
local2.*/var/log/qmail/smtpd.log
local3.*/var/log/qmail/send
local4.*/var/log/qmail/masterlog

*.err;kern.debug;mail.crit  /dev/console
*.notice;kern.debug;lpr.info;mail.crit /var/log/messages

authpriv.*  /var/log/authpriv
security.*  /var/log/security
mail.info   /var/log/maillog
lpr.info/var/log/lpd-errs
cron.*  /var/log/cron

*.emerg *

# uncomment this to log all writes to /dev/console to /var/log/console.log
console.info/var/log/console.log


...and low and behold the logs started working.  As you said, it doesn't
seem like it should have made a difference...but something changed.  I still
can't explain why it broke in the first place, but what's most important is
that it started working again.

Your explanation was extremely helpful, and I'm very appreciative.  It's
very admirable that you give of your time to help out complete strangers.
If you have a PayPal account, I wouldn't mind sending over a little token of
my appreciation.

Thanks again,
Matt

-Original Message-
From: JJB [mailto:[EMAIL PROTECTED] 
Sent: Saturday, May 15, 2004 10:42 PM
To: Matt Cyber Dog LaPlante
Subject: RE: FreeBSD 4.7 Syslogs

Matt.

You did not reboot system before you captured the requested data,
but that is ok.

I will write this reply in an teaching manner, so don't think  I am
talking down to you.

The  command ps ax displays all the tasks running on your system.

  843  p0- S 0:00.03 syslogd -d
  847  p0- I  0:00.03 syslogd -d
 1214  p0- I 0:00.03 syslogd -dv

from your posted data for ps ax display the above says you have 3
tasks running syslogd in debug mode. An reboot will get rid of this
or you can kill the tasks by using the task number ie 843 for
example. Enter on the command line killall 843 to kill that task
then do ps ax to see that it's gone, then do same for the other 2
numbers  847  1214

***
 Now lets cover how syslogs are defined and the control of auto
rotate. This is very poorly described in man syslog and man
newsyslog. The command  man  is the command for display to console
the manual. So man newsyslog would display to the console screen the
manual documentation for the newsyslog command. Be for warned the
man documentation is very poorly written and conveys very little
useful info.

I will focus on the messages log file as an example to explain what
is happening, but same process applies to all log files defined in
/ect/syslog.conf.  In FBSD all messages to syslog uses 2 elements to
define the message, the facility and message level. In syslog.conf
the left side on the line is the facility.level.  The level
describes the severity of the message, and is a keyword from
the following ordered list (higher to lower): emerg, alert, crit,
err, warning, notice, info and debug.  Coding  *.notice means all
messages emerg through notice.

With that info, looking at your syslog.conf it is obvious there are
coding problems with some of the files, but nothing that would cause
an log file not to work. As general rule messages file is reserved
for FBSD system messages not application messages which have their
own log files. Local0 and local7 should not be going to messages
file as they have their own log files.
!local0.*;!local7.*;*.notice;kern.debug;lpr.info;mail.crit;news.err
/var/log/messages this should be re-written as
*.notice;kern.debug;lpr.info;mail.crit /var/log/messages


!local0.*;*.err;kern.debug;auth.notice;mail.crit   /dev/console
!local0.*;*.notice;news.err
/dev/console
!local0.*;*.alert
/dev/console

This is an real mess, should be re-written as
*.err;kern.debug;mail.crit/dev/console

I did not see an news group server enabled in rc.conf so news.err is
not necessary.
You will only see these console messages when you are logged in as
root, they are not saved in between logins.

This
local7.crit;local7.err;local7.notice/var/log/purchasing

should be this
local7.notice/var/log/purchasing
as all the higher message levers are included, does the same thing
as the original statement

Re: FreeBSD 4.7 Syslogs

2004-05-15 Thread Matthew Seaman 
On Sat, May 15, 2004 at 01:51:40AM -0400, Matt Cyber Dog LaPlante wrote:
 I've inherited a FreeBSD 4.7 server as part of a system administration job.
  Recently I noticed that the syslog files had stopped collecting data.  This
 includes /var/log/messages and /var/log/console among others.  Up until some
 time last week, they'd been full of data, but after some unknown event, all
 data collection stopped.  I did not build/configure the system, nor am I
 very fluent in the ways of BSD, so I do not know where else to begin looking
 for answers.  I ran the newsyslog program to regenerate all the log files.
  It created them, with the single line stating a new log file was created,
 but aside from that one line they remain empty.  I tried manually restarting
 syslogd, as well as rebooting the whole machine, neither of which have had
 any effect.  I have not manually altered any syslog configuration info, and
 I basically have no idea what to try next.  I'm a relative noob when it
 comes to FreeBSD, so I'd appreciate answers in a simple format.  Thanks in
 advance...

Hmmm... that doesn't sound good.  Can you use logger(1) to write a
test message into the log files?

% logger -p daemon.info -t TEST Some test message

which should appear in /var/log/messages.  If it doesn't, look at
/etc/syslog.conf and verify that it is sensible.  Then try killing
syslogd and starting it up in debug mode:

# syslogd -d {other syslog flags}

this will not daemonize itself or go into the background and will
print out various debugging information as log messages come in.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK


pgpTVdIfyPqak.pgp
Description: PGP signature

RE: FreeBSD 4.7 Syslogs

2004-05-15 Thread Matt \Cyber Dog\ LaPlante 
I tried the logger command, but it didn't reach the messages file (which is
still empty).  Here is the output from the syslogd -d command:

syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already in use
Logging to CONSOLE /dev/console
syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already in use
Logging to CONSOLE /dev/console
can't open /dev/klog (16)
off  running
init
cfline(local7.crit;local7.err;local7.notice
/var/log/purchasing, f, *, *)
cfline(local0.*/var/log/postgres,
f, *, *)
cfline(local2.*
/var/log/qmail/smtpd.log, f, *, *)
cfline(local3.*
/var/log/qmail/send, f, *, *)
cfline(local4.*
/var/log/qmail/masterlog, f, *, *)
cfline(authpriv.*  /var/log/authpriv,
f, local0, *)
cfline(security.*  /var/log/security,
f, local0, *)
cfline(mail.info   /var/log/maillog,
f, local0, *)
cfline(lpr.info/var/log/lpd-errs,
f, local0, *)
cfline(cron.*  /var/log/cron, f,
local0, *)
cfline(*.emerg *, f, local0,
*)
cfline(console.info
/var/log/console.log, f, local0, *)
X X X X X X X X X X X X X X X X X X X X X X X 5 X FILE: /var/log/purchasing
X X X X X X X X X X X X X X X X 8 X X X X X X X X FILE: /var/log/postgres
X X X X X X X X X X X X X X X X X X 8 X X X X X X FILE:
/var/log/qmail/smtpd.log
X X X X X X X X X X X X X X X X X X X 8 X X X X X FILE: /var/log/qmail/send
X X X X X X X X X X X X X X X X X X X X 8 X X X X FILE:
/var/log/qmail/masterlog
X X X X X X X X X X 8 X X X X X X X X X X X X X X FILE: /var/log/authpriv
(local0)
X X X X X X X X X X X X X 8 X X X X X X X X X X X FILE: /var/log/security
(local0)
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/maillog
(local0)
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE: /var/log/lpd-errs
(local0)
X X X X X X X X X 8 X X X X X X X X X X X X X X X FILE: /var/log/cron
(local0)
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL:  (local0)
X X X X X X X X X X X X X X 6 X X X X X X X X X X FILE: /var/log/console.log
(local0)
logmsg: pri 56, flags 4, from compname, msg syslogd: restart
syslogd: restarted


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matthew Seaman
Sent: Saturday, May 15, 2004 4:56 AM
To: Matt Cyber Dog LaPlante
Cc: [EMAIL PROTECTED]
Subject: Re: FreeBSD 4.7 Syslogs

On Sat, May 15, 2004 at 01:51:40AM -0400, Matt Cyber Dog LaPlante wrote:
 I've inherited a FreeBSD 4.7 server as part of a system administration
job.
  Recently I noticed that the syslog files had stopped collecting data.
 This
 includes /var/log/messages and /var/log/console among others.  Up until
some
 time last week, they'd been full of data, but after some unknown event,
all
 data collection stopped.  I did not build/configure the system, nor am I
 very fluent in the ways of BSD, so I do not know where else to begin
looking
 for answers.  I ran the newsyslog program to regenerate all the log files.
  It created them, with the single line stating a new log file was created,
 but aside from that one line they remain empty.  I tried manually
restarting
 syslogd, as well as rebooting the whole machine, neither of which have had
 any effect.  I have not manually altered any syslog configuration info,
and
 I basically have no idea what to try next.  I'm a relative noob when it
 comes to FreeBSD, so I'd appreciate answers in a simple format.  Thanks in
 advance...

Hmmm... that doesn't sound good.  Can you use logger(1) to write a
test message into the log files?

% logger -p daemon.info -t TEST Some test message

which should appear in /var/log/messages.  If it doesn't, look at
/etc/syslog.conf and verify that it is sensible.  Then try killing
syslogd and starting it up in debug mode:

# syslogd -d {other syslog flags}

this will not daemonize itself or go into the background and will
print out various debugging information as log messages come in.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   26 The Paddocks
  Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614  Bucks., SL7 1TH UK


___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: FreeBSD 4.7 Syslogs

2004-05-15 Thread JJB 
Well since you are new to FBSD and since the syslogd -d commands
shows that you do not have logging specified in /etc/syslog.conf for
the messages file. You just do not know what you are looking at. Who
ever was sysadmin before you probably  commented it out for what
ever reason.

By the way I tried using the logger command on my 4.9 system and it
did not write any messages at all. So it is no help in debugging
this problem. I read the man logger info and as usual the man page
is useless. Who ever writes those must work real hard at writing
sentences that convey no meanings.

To verify the conclusion that no logging is enabled for messages
file, first do  halt command, power off box, wait 1 minute, power
back on to boot system, then, post the complete contents of these
files.
/var/run/dmesg.boot
/etc/rc.conf
/etc/syslog.conf
/etc/newsylog.conf
/etc/crontab
The output of this command  ls -l /var/log/*   to see all the
details about your log files.
The output of this command  ps ax


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Matt Cyber
Dog LaPlante
Sent: Saturday, May 15, 2004 1:34 PM
To: 'Matthew Seaman'; [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

I tried the logger command, but it didn't reach the messages file
(which is
still empty).  Here is the output from the syslogd -d command:

syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already
in use
Logging to CONSOLE /dev/console
syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already
in use
Logging to CONSOLE /dev/console
can't open /dev/klog (16)
off  running
init
cfline(local7.crit;local7.err;local7.notice
/var/log/purchasing, f, *, *)
cfline(local0.*
/var/log/postgres,
f, *, *)
cfline(local2.*
/var/log/qmail/smtpd.log, f, *, *)
cfline(local3.*
/var/log/qmail/send, f, *, *)
cfline(local4.*
/var/log/qmail/masterlog, f, *, *)
cfline(authpriv.*
/var/log/authpriv,
f, local0, *)
cfline(security.*
/var/log/security,
f, local0, *)
cfline(mail.info
/var/log/maillog,
f, local0, *)
cfline(lpr.info
/var/log/lpd-errs,
f, local0, *)
cfline(cron.*
/var/log/cron, f,
local0, *)
cfline(*.emerg *, f,
local0,
*)
cfline(console.info
/var/log/console.log, f, local0, *)
X X X X X X X X X X X X X X X X X X X X X X X 5 X FILE:
/var/log/purchasing
X X X X X X X X X X X X X X X X 8 X X X X X X X X FILE:
/var/log/postgres
X X X X X X X X X X X X X X X X X X 8 X X X X X X FILE:
/var/log/qmail/smtpd.log
X X X X X X X X X X X X X X X X X X X 8 X X X X X FILE:
/var/log/qmail/send
X X X X X X X X X X X X X X X X X X X X 8 X X X X FILE:
/var/log/qmail/masterlog
X X X X X X X X X X 8 X X X X X X X X X X X X X X FILE:
/var/log/authpriv
(local0)
X X X X X X X X X X X X X 8 X X X X X X X X X X X FILE:
/var/log/security
(local0)
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE:
/var/log/maillog
(local0)
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE:
/var/log/lpd-errs
(local0)
X X X X X X X X X 8 X X X X X X X X X X X X X X X FILE:
/var/log/cron
(local0)
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL:  (local0)
X X X X X X X X X X X X X X 6 X X X X X X X X X X FILE:
/var/log/console.log
(local0)
logmsg: pri 56, flags 4, from compname, msg syslogd: restart
syslogd: restarted


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matthew
Seaman
Sent: Saturday, May 15, 2004 4:56 AM
To: Matt Cyber Dog LaPlante
Cc: [EMAIL PROTECTED]
Subject: Re: FreeBSD 4.7 Syslogs

On Sat, May 15, 2004 at 01:51:40AM -0400, Matt Cyber Dog LaPlante
wrote:
 I've inherited a FreeBSD 4.7 server as part of a system
administration
job.
  Recently I noticed that the syslog files had stopped collecting
data.
 This
 includes /var/log/messages and /var/log/console among others.  Up
until
some
 time last week, they'd been full of data, but after some unknown
event,
all
 data collection stopped.  I did not build/configure the system,
nor am I
 very fluent in the ways of BSD, so I do not know where else to
begin
looking
 for answers.  I ran the newsyslog program to regenerate all the
log files.
  It created them, with the single line stating a new log file was
created,
 but aside from that one line they remain empty.  I tried manually
restarting
 syslogd, as well as rebooting the whole machine, neither of which
have had
 any effect.  I have not manually altered any syslog configuration
info,
and
 I basically have no idea what to try next.  I'm a relative noob
when it
 comes to FreeBSD, so I'd appreciate answers in a simple format.
Thanks in
 advance...

Hmmm... that doesn't sound good.  Can you use logger(1) to write a
test message into the log files?

% logger -p daemon.info -t TEST Some test message

which should appear in /var/log/messages.  If it doesn't, look at
/etc/syslog.conf and verify that it is sensible.  Then try killing
syslogd and starting it up in debug mode

RE: FreeBSD 4.7 Syslogs

2004-05-15 Thread Matt \Cyber Dog\ LaPlante 
- S  0:00.03 syslogd -d
  847  p0- I  0:00.03 syslogd -d
 1214  p0- I  0:00.03 syslogd -dv
 4530  p0  Is 0:00.03 -bash (bash)
 4534  p0  S  0:00.05 su (bash)
 4657  p0  R+ 0:00.00 ps ax
  754  v0  Is+0:00.01 /usr/libexec/getty Pc ttyv0
  241  v1  Is+0:00.01 /usr/libexec/getty Pc ttyv1
  242  v2  Is+0:00.00 /usr/libexec/getty Pc ttyv2
  243  v3  Is+0:00.01 /usr/libexec/getty Pc ttyv3
  244  v4  Is+0:00.01 /usr/libexec/getty Pc ttyv4
  245  v5  Is+0:00.00 /usr/libexec/getty Pc ttyv5
  246  v6  Is+0:00.01 /usr/libexec/getty Pc ttyv6
  247  v7  Is+0:00.00 /usr/libexec/getty Pc ttyv7
  214 con- I  0:00.07 /usr/local/pgsql/bin/postmaster (postgres)
  221 con- I  0:00.00 postmaster: stats buffer process(postgres)
  222 con- I  0:00.00 postmaster: stats collector process(postgres)
  231 con- S  0:00.39 /usr/local/bin/svscan /var/service
  232 con- I  0:00.00 /usr/local/bin/readproctitle service errors:



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of JJB
Sent: Saturday, May 15, 2004 4:04 PM
To: Matt Cyber Dog LaPlante; 'Matthew Seaman';
[EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

Well since you are new to FBSD and since the syslogd -d commands
shows that you do not have logging specified in /etc/syslog.conf for
the messages file. You just do not know what you are looking at. Who
ever was sysadmin before you probably  commented it out for what
ever reason.

By the way I tried using the logger command on my 4.9 system and it
did not write any messages at all. So it is no help in debugging
this problem. I read the man logger info and as usual the man page
is useless. Who ever writes those must work real hard at writing
sentences that convey no meanings.

To verify the conclusion that no logging is enabled for messages
file, first do  halt command, power off box, wait 1 minute, power
back on to boot system, then, post the complete contents of these
files.
/var/run/dmesg.boot
/etc/rc.conf
/etc/syslog.conf
/etc/newsylog.conf
/etc/crontab
The output of this command  ls -l /var/log/*   to see all the
details about your log files.
The output of this command  ps ax


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Matt Cyber
Dog LaPlante
Sent: Saturday, May 15, 2004 1:34 PM
To: 'Matthew Seaman'; [EMAIL PROTECTED]
Subject: RE: FreeBSD 4.7 Syslogs

I tried the logger command, but it didn't reach the messages file
(which is
still empty).  Here is the output from the syslogd -d command:

syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already
in use
Logging to CONSOLE /dev/console
syslogd: bind: Address already in use
logmsg: pri 53, flags 4, from , msg syslogd: bind: Address already
in use
Logging to CONSOLE /dev/console
can't open /dev/klog (16)
off  running
init
cfline(local7.crit;local7.err;local7.notice
/var/log/purchasing, f, *, *)
cfline(local0.*
/var/log/postgres,
f, *, *)
cfline(local2.*
/var/log/qmail/smtpd.log, f, *, *)
cfline(local3.*
/var/log/qmail/send, f, *, *)
cfline(local4.*
/var/log/qmail/masterlog, f, *, *)
cfline(authpriv.*
/var/log/authpriv,
f, local0, *)
cfline(security.*
/var/log/security,
f, local0, *)
cfline(mail.info
/var/log/maillog,
f, local0, *)
cfline(lpr.info
/var/log/lpd-errs,
f, local0, *)
cfline(cron.*
/var/log/cron, f,
local0, *)
cfline(*.emerg *, f,
local0,
*)
cfline(console.info
/var/log/console.log, f, local0, *)
X X X X X X X X X X X X X X X X X X X X X X X 5 X FILE:
/var/log/purchasing
X X X X X X X X X X X X X X X X 8 X X X X X X X X FILE:
/var/log/postgres
X X X X X X X X X X X X X X X X X X 8 X X X X X X FILE:
/var/log/qmail/smtpd.log
X X X X X X X X X X X X X X X X X X X 8 X X X X X FILE:
/var/log/qmail/send
X X X X X X X X X X X X X X X X X X X X 8 X X X X FILE:
/var/log/qmail/masterlog
X X X X X X X X X X 8 X X X X X X X X X X X X X X FILE:
/var/log/authpriv
(local0)
X X X X X X X X X X X X X 8 X X X X X X X X X X X FILE:
/var/log/security
(local0)
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE:
/var/log/maillog
(local0)
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE:
/var/log/lpd-errs
(local0)
X X X X X X X X X 8 X X X X X X X X X X X X X X X FILE:
/var/log/cron
(local0)
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL:  (local0)
X X X X X X X X X X X X X X 6 X X X X X X X X X X FILE:
/var/log/console.log
(local0)
logmsg: pri 56, flags 4, from compname, msg syslogd: restart
syslogd: restarted


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matthew
Seaman
Sent: Saturday, May 15, 2004 4:56 AM
To: Matt Cyber Dog LaPlante
Cc: [EMAIL PROTECTED]
Subject: Re: FreeBSD 4.7 Syslogs

On Sat, May 15, 2004 at 01:51:40AM -0400, Matt Cyber Dog LaPlante
wrote:
 I've inherited a FreeBSD 4.7 server as part