Date: Wed, 28 Mar 2001 21:28:22 -0500 From: Pete Fritchman <petef@databits.net> To: Three Letter Acronym <tla@spiderchain.com> Cc: freebsd-security@freebsd.org Subject: Re: log= file in /var/run Message-ID: <20010328212822.A4751@databits.net> In-Reply-To: <200103290124.f2T1OFQ73373@spiderchain.com>; from tla@spiderchain.com on Wed, Mar 28, 2001 at 05:24:15PM -0800 References: <657B20E93E93D4118F9700D0B73CE3EA0166D738@goofy.epylon.lan> <200103290124.f2T1OFQ73373@spiderchain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
hex [20] % sockstat | grep "/var/run/log" root syslogd 272 3 dgram /var/run/log root syslogd 80 3 dgram /var/run/log hex [21] % -pete ++ 28/03/01 17:24 -0800 - Three Letter Acronym: >Hmmmm.....lsof doesn't show it. My first reaction, of course, >was to run lsof to see what process had it open. The only >that syslog has open that looks like it could be this thing is: > >(lsof output) >COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME >syslogd 117 root 3u unix 0xcbd7af00 0t0 ->(none) > >lsof doesn't seem to know what this is.....if it's syslog, that >would make me happier than several other things I could think of. > >I thought lsof did a reasonable job of finding names for things... >hmmm....well, actually it looks like lsof doesn't come up with >much for unix sockets. Lots of hex cruft, but not a lot else. > >thanks, > > --tla > >Jason DiCioccio <Jason.DiCioccio@Epylon.com> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> yes it's a pipe so things can log to syslog. >> >> >> - ------- >> Jason DiCioccio >> Evil Genius >> Unix BOFH >> >> mailto:jasond@epylon.com >> >> >> - -----Original Message----- >> From: Three Letter Acronym [mailto:tla@spiderchain.com] >> Sent: Wednesday, March 28, 2001 4:58 PM >> To: freebsd-security@freebsd.org >> Subject: log= file in /var/run >> >> >> I just found a file in /var/run: >> >> srw-rw-rw- 1 root wheel 0 Mar 11 08:58 log= >> >> What is this, and what dropped it here? I _really_ >> don't like the permissions........ >> >> Thoughts, anyone? >> >> --tla >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-security" in the body of the message >> >> -----BEGIN PGP SIGNATURE----- >> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>; >> >> iQA/AwUBOsKLcFCmU62pemyaEQIxvQCfaB9snydBaPQC3cu+UmUwXiM+b+YAmwfF >> FTs5rMkdINSmKYmvQ6fIt6yf >> =jLkO >> -----END PGP SIGNATURE----- > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message -- Pete Fritchman <petef@databits.net> Databits Network Services, Inc. <http://databits.net>; finger petef@databits.net for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010328212822.A4751>