Date: Thu, 27 Dec 2007 12:20:01 -0600 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: Peter Boosten <peter@boosten.org> Cc: User questions <freebsd-questions@freebsd.org> Subject: Re: syslog-ng not logging Message-ID: <9F820227-4DB1-474E-B50C-1CE2536CC1FD@goldmark.org> In-Reply-To: <20071227174049.ku0vp66isksgkk0c@www.boosten.org> References: <1FF40B1F-D183-421A-A7A6-1BFD8E5EBE15@utdallas.edu> <20071227044016.bqrtqsjpwogkgc8k@www.boosten.org> <98D543FB-8060-4F8F-B4FD-4E5B8ABE876F@goldmark.org> <20071227174049.ku0vp66isksgkk0c@www.boosten.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 27, 2007, at 10:40 AM, Peter Boosten wrote: > Quoting Jeffrey Goldberg <jeffrey@goldmark.org>: > >> Is there any reason not to simply do a >> >> cd /var/log >> chown -R daemon . > > I think (but I'm not sure) that permissions will be reversed by mtree. This is the first I've heard of mtree. I just looked mtree(8), but I take it that mtree is run periodically somehow to "fix" things. Do you know where? I can always keep my logs in some place other than /var/log if this is an issue. >> also >> >> chown daemon /dev/console > > Won't work either. *if* you're going to do that you should alter / > etc/devfs.conf More things to learn. I'm not really concerned about logging to console anyway, as the machine will run headless most of the time. >> Will log rotation preserve daemon ownership? > > Never used the *traditional* log style with syslog-ng, I stored > everything per day/month/year/server. I'm doing that for hosts that this is the remote syslod server for. I'm using /var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY-$YEAR$MONTH$DAY" for everything coming from the udp source. I suppose I could just add "localhost" under HOSTS to do a similar destination for everything else, though there I would probably have FACILITY be the major categorization > I ended up running syslog-ng as root, which is probably a bad idea > as well, so I cannot give you any advice on this one. It sounds like using something other than /var/log for a destination makes the most sense. I won't promise anything, but if I get to grok this all better, I'll submit a pr for syslog-ng which includes a pkg-message and a FreeBSD README. (I had to look in the startup script for instructions on how to enable syslog-ng). Cheers, -j
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9F820227-4DB1-474E-B50C-1CE2536CC1FD>