You can start syslogd in the foreground to verify that it is actually
logging. The messages will show you which file it is logging to
Ronny wrote:
Hello buddies hope you are still in the moods of helping :-) .
Was wondering what on earth can stop syslogd from working.I recall 2
months back was messing around my 'test' machine that happens to be my
desktop too.But of recent I nolonger see new logs :-( .
Hope I wasn't *rooted * ;-)
See output below
[EMAIL PROTECTED] etc]# cat syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* /var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
[EMAIL PROTECTED] etc]#
[EMAIL PROTECTED] log]# cat secure
Oct 10 08:34:25 pixmail userhelper[2819]: running '/sbin/reboot' with
root privileges on behalfof 'root'
Oct 10 08:35:01 pixmail sshd[1927]: Received signal 15; terminating.
[EMAIL PROTECTED] log]#
Interesting! what was terminating what :-) and who gave authority
to that program (userhelper) to reboot on behalf of root!!.Can someone
advise what might have happened to syslog?
Strange but true ------->[EMAIL PROTECTED] log]# /sbin/syslogd
syslogd: Already running.
And nothing much from selinux side
<cough> it's dirsty!!
[EMAIL PROTECTED] log]# /usr/sbin/sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 19
Policy from config file:targeted
Policy booleans:
allow_execmem active
allow_execmod active
allow_execstack active
allow_kerberos inactive
allow_ypbind inactive
dhcpd_disable_trans inactive
httpd_builtin_scripting active
httpd_can_network_connectinactive
httpd_disable_trans inactive
httpd_enable_cgi active
httpd_enable_homedirs active
httpd_ssi_exec active
httpd_tty_comm inactive
httpd_unified active
mysqld_disable_trans inactive
named_disable_trans inactive
named_write_master_zonesinactive
nscd_disable_trans inactive
ntpd_disable_trans inactive
portmap_disable_trans inactive
postgresql_disable_transinactive
read_default_t active
snmpd_disable_trans inactive
squid_connect_any inactive
squid_disable_trans inactive
syslogd_disable_trans inactive
use_nfs_home_dirs inactive
use_samba_home_dirs inactive
winbind_disable_trans inactive
ypbind_disable_trans inactive
[EMAIL PROTECTED] log]#
Thanks for ya time but please need my box surveillance system up
during the holiday.And sorry for coloring it's festive season :-)
Merry-xmas
Ronny
--
*******************************************************************
PGP Fingerprint: 6695 794A B84E D922 88FB 73CC 6CBD 8036 B3CD 7304
We can't become what we need to be by remaining what we are
*******************************************************************
------------------------------------------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
