Re: syslog-ng and isakmpd
On Sat, Dec 29, 2007 at 02:17:03PM -0700, Brent Graveland wrote: > On 29-Dec-2007, at 13:49, Markus Wernig wrote: >> Hi all >> >> I have replaced syslogd with syslog-ng on my OBSD4.2 boxes (needed tcp, >> encryption and fifos). I have managed to mimick all traditional log >> behaviour (as per the default syslogd config) with one exception: >> isakmpd will not log a single bit into any facility. >> source src { >>unix-dgram("/dev/log"); >>internal(); >> }; >> [...] >> filter f_daemon { facility(daemon); }; >> [...] >> destination d_daemon { file("/var/log/daemon"); }; >> [...] >> log { source src; filter f_daemon; destination d_daemon; }; >> [...] >> >> Which works fine for ntpd. > > I haven't run into this personally, but make sure that syslog-ng also > listens on /var/empty/dev/log for chrooted daemons. And extend this to any chroot jail (notably, named has its own jail; -a /var/named/dev/log is automatically added to the syslogd_flags when required). (You are most likely not running named, or you'd most likely have seen this issue; but I wanted to get it in the archives for future use.) Joachim -- TFMotD: sudo, sudoedit (8) - execute a command as another user
Re: syslog-ng and isakmpd
On 29-Dec-2007, at 13:49, Markus Wernig wrote: Hi all I have replaced syslogd with syslog-ng on my OBSD4.2 boxes (needed tcp, encryption and fifos). I have managed to mimick all traditional log behaviour (as per the default syslogd config) with one exception: isakmpd will not log a single bit into any facility. afaik isakmpd uses the daemon facility (as does ntpd), so I have the following in syslog-ng.conf: source src { unix-dgram("/dev/log"); internal(); }; [...] filter f_daemon { facility(daemon); }; [...] destination d_daemon { file("/var/log/daemon"); }; [...] log { source src; filter f_daemon; destination d_daemon; }; [...] Which works fine for ntpd. But no word from isakmpd in any file, not even the catchall, not even with logging turned up to the maximum. I've tried every which way but just can't see what to change. Has anyone seen this before? Thx /markus I haven't run into this personally, but make sure that syslog-ng also listens on /var/empty/dev/log for chrooted daemons. -- Brent Graveland [EMAIL PROTECTED]
syslog-ng and isakmpd
Hi all I have replaced syslogd with syslog-ng on my OBSD4.2 boxes (needed tcp, encryption and fifos). I have managed to mimick all traditional log behaviour (as per the default syslogd config) with one exception: isakmpd will not log a single bit into any facility. afaik isakmpd uses the daemon facility (as does ntpd), so I have the following in syslog-ng.conf: source src { unix-dgram("/dev/log"); internal(); }; [...] filter f_daemon { facility(daemon); }; [...] destination d_daemon { file("/var/log/daemon"); }; [...] log { source src; filter f_daemon; destination d_daemon; }; [...] Which works fine for ntpd. But no word from isakmpd in any file, not even the catchall, not even with logging turned up to the maximum. I've tried every which way but just can't see what to change. Has anyone seen this before? Thx /markus