problems with syslogd

problems with syslogd

Amit Aronovitch aronovitch at gmail.com
Wed Jun 9 17:57:56 IDT 2010 

On Wed, Jun 9, 2010 at 3:26 PM, Valery Reznic <valery_reznic at yahoo.com>wrote:

> Connect to syslogd with strace:
>
> strace -p syslogd_pid
>
> And then "provoke" message that should go to /var/log/messages
> strace will show you what syslogd do.
> May be it will reveal cause of the problem.
>

Does not help much. After the "select", it just stats /etc/localtime, and
then writes the output to one of the open fd's
(see my prev mail - the process does not open "messages" at all). For
example:


select(1, [0], NULL, NULL, NULL)        = 1 (in [0])
recvfrom(0, "<150>Jun  9 17:33:27 pppd[3998]:"..., 1022, 0, NULL, NULL) = 79
rt_sigprocmask(SIG_BLOCK, [HUP ALRM], NULL, 8) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=803, ...}) = 0
writev(2, [{"Jun  9 17:33:27", 15}, {" ", 1}, {"penguin", 7}, {" ", 1},
{"pppd[3998]: Sent 29064396 bytes,"..., 58}, {"\n", 1}], 6) = 83
rt_sigprocmask(SIG_UNBLOCK, [HUP ALRM], NULL, 8) = 0
select(1, [0], NULL, NULL, NULL)        = 1 (in [0])

Now, <150>, according to syslog.h is "local2.info", which should go to
messages because of the following line in /etc/syslog.conf:
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages

Seems like I should trace it at daemon startup stage to see if it fails
opening the file...

    thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20100609/5f6e946a/attachment.html>

More information about the Linux-il mailing list