Hello, I am faced with running a program in a container that will only log to syslog and cannot be configured otherwise. I am looking to using s6 within the container to supervise this program and some implementation of syslog. I thought that there must be something simpler than rsyslog or syslog-ng, and my investigations led me to the s6/examples/syslogd-linux service directory.
I am only slightly experienced with writing execline scripts and would like to better understand exactly what each line in the example run script is doing. Here it is, annotated with my understanding and questions. #!/command/execlineb -P # Redirects stderr to stdout, but why is this necessary? fdmove -c 2 1 # Clears the environment, I assume for general # security/isolation/cleanliness reasons? exec -c # Prepares for setting uid/gid later s6-envuidgid nobody # Redirects stdout to fd 3, I think because s6-ipcserver closes fd # 1; what happens to things sent to fd 3? # Also, why is the -c option not used here? fdmove 1 3 # Listens on /dev/log, this makes sense to me s6-ipcserver -U -1 -- /dev/log # Redirects stdout to stderr, because this is where log messages # are expected to go fdmove -c 1 2 # writes stdin to stdout with the values of the remote UID and GID # prepended, plus whatever other functionality of ucspidlogd ucspilogd IPCREMOTEEUID IPCREMOTEEGID Please let me know if I have made any mistakes in my annotation and what the answers to my questions are. Thank you, Scott
