Date: Wed, 14 Feb 2001 15:58:04 -0800 From: Mark Hartley <freebsd@drapple.com> To: freebsd-security@freebsd.org Subject: Re: Syslogd stops working Message-ID: <20010214155804.B48740@router.drapple.com> In-Reply-To: <20010214184428.U91352@numachi.com>; from reichert@numachi.com on Wed, Feb 14, 2001 at 06:44:28PM -0500 References: <20010214154342.A48740@router.drapple.com> <20010214184428.U91352@numachi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 14, 2001 at 06:44:28PM -0500, Brian Reichert wrote: > On Wed, Feb 14, 2001 at 03:43:43PM -0800, Mark Hartley wrote: > > I have several different FreeBSD servers which I've upgraded recently > > through cvsup and rebuilding world due to the bind, ipfw, and ssh holes. > > > > However, I have one machine which I cvsupped and rebuilt on Jan 29th > > which has stopped logging to syslog. I've checked my syslog.conf file > > and everything seems fine. I had just been noticing a lack of people > > "banging" on my firewall. I got to looking, and syslog has not been > > functioning since that point. This is a very serious issue for me > > as I've potentially missed several important syslog notices. I checked, > > and syslogd is in fact running. > > > > Any ideas why this is happening and what I can do to remedy it? > > I've had issues with syslog logging to a serial console. It that you are > doing? > No, I'm logging to a couple of files. Here is the relevant snippet from my /etc/syslog.conf file !ftpd *.* /var/log/ftpd.log !sshd *.* /var/log/sshd.log !su *.* /var/log/su.log !ipfw *.* /var/log/ipfw.log I have it log all of those events to those log files, which do exist and which have not had their permissions modified since I created them (root:wheel) with mode 640. By the way, I am tracking 4.2-STABLE. I've checked the -STABLE mailing list archives and I saw some work being done with syslog, but nothing like what I'm experiencing was mentioned. Mark. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010214155804.B48740>