Hello all, On Wed, Jun 05, 2013 at 10:01:52AM +0200, Tomas Pospisek wrote: > [...] > The basic problem at hand here is that it seems that reading from > the kernel log facility is *destructive*, so when multiple > processes, no matter if inside a lxc container or on the host system > read from the kernel log facility, then there's a race condition on > the logs coming from the kernel log facility with an undefined > outcome on who will get what data from the kernel log facility. > > The result is gibberish in kern.log. > > A solution to this problem is to disable reading from the kernel log > facility inside the guest VMs. > > Optimally this condition would be detected automatically by the VM > guests which would automatically disable reading from the kernel log > facility once they detect they are a VM. > > Or we leave it as is and hope that the sysadmin is kowledgeable > enough to disable it manually. > > What to do?
IMHO per default no guest should have any access to the kernel log facility of the host at all. I'm not aware, though, which LXC capabilities are possible / normally set nowadays that could affect this (the one guest where I experienced this oddity at hand was set up quite obscurely and thus probably doesn't follow any standards or best practices). If the sysadmin desires to have such an access from within a guest they should be allowed to do so and be given a pointer on how to configure rsyslog to work as desired. Cheers, Flo -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org