On 12/27/2014 10:52:04 AM, Mick wrote:
> On Friday 26 Dec 2014 23:33:33 Peter Humphrey wrote:
> > Hello list,
> >
> > For some time now I've had syslog-ng writing /var/log/messages in a binary
> > format:
> >
> > # file /var/log/messages
> > /var/log/messages: data
> > # grep syslog-ng /var/log/messages
> > Binary file /var/log/messages matches
> >
> > Yet:
> >
> > # head /var/log/messages
> > Dec 21 03:10:02 wstn run-crons[29014]: (root) CMD (/etc/cron.daily/man-db)
> > [...]
> >
> > Can I use the following method to restore the original text format of
> > /var/log/messages?
> >
> > 1. Boot rescue system and mount main system
> > 2. # cd /mnt/main/var/log
> > 3. # mv messages messages.bin
> > 4. # strings messages.bin > messages
> > 5. # rm messages.bin
> > 6. Reboot.
> >
> > I tried steps 1 - 4 and got a text file with very long lines, but I
> > chickened out before rebooting.
> >
> > It would be nice to find a config setting that's changed, but the change
> > log is silent and the admin guide gives me a headache :-(
>
> I don't know if this is a matter of changing some setting in a config file -
> I haven't found any yet. It seems that upon boot up some binary data is
> written in the otherwise plain text logs:
>
>
> Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8'
> Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8'
> Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8'
> Dec 22 10:15:21
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset
>
> Dec 22 10:15:21
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset
> Dec 22 10:15:21
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
> ^@^@^@^@^@^@^@^@^@^@
> [snip ...]
>
> I don't know if this is caused by some systemd infection of our systems! LOL!
>
>
> If you use 'less -L /var/log/messages' or cat, then you will be able to view
> the logs in text format. If you need to grep stuff then you can use:
>
> grep --binary-files=text -i firewall /var/log/messages
> [snip ...]
>
> Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied **
> Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied **
>
>
> Be careful that using grep like this might cause your terminal to execute some
> of the binary output as a command (check the man page).
>
> --
> Regards,
> Mick
>

I think this was a long-standing bug. Version 3.6.2 seems to have fixed this.
Helmut.
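
The workaround discussed in this thread (reading a NUL-padded /var/log/messages as text without sending raw control bytes to the terminal), as an added example that is not part of the original messages. The sample log bytes are constructed, and the function names are illustrative.

```python
import re

# Constructed sample: syslog lines with NUL padding like the excerpt in the
# thread, plus one ESC sequence to show why raw binary output on a terminal
# is risky (control bytes can change terminal state).
SAMPLE = (
    b"Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up; version='3.4.8'\n"
    b"Dec 22 10:15:21 " + b"\x00" * 40 + b" kernel: Initializing cgroup subsys cpuset\n"
    b"Dec 27 09:24:03 dell_xps firewall: \x1b[2J** All firewall rules applied **\n"
)

NUL_RUN = re.compile(rb"\x00+")
# Control bytes other than tab and newline (includes ESC, CR and DEL).
CONTROL = re.compile(rb"[\x01-\x08\x0b-\x1f\x7f]")


def find_nul_runs(data):
    """Return (offset, length) for every run of NUL bytes in the log."""
    return [(m.start(), len(m.group())) for m in NUL_RUN.finditer(data)]


def sanitize(data):
    """Drop NUL padding and render other control bytes visibly as \\xNN.

    Unlike 'strings', this keeps the original newlines, so each log
    record stays on its own line.
    """
    data = NUL_RUN.sub(b"", data)
    return CONTROL.sub(lambda m: b"\\x%02x" % m.group()[0], data)


def grep_safe(data, needle):
    """Case-insensitive search over sanitized lines; returns printable text."""
    hits = []
    for line in sanitize(data).splitlines():
        if needle.lower() in line.lower():
            hits.append(line.decode("utf-8", errors="replace"))
    return hits


if __name__ == "__main__":
    for offset, length in find_nul_runs(SAMPLE):
        print(f"NUL run at offset {offset}: {length} bytes")
    for hit in grep_safe(SAMPLE, b"firewall"):
        print(hit)
```

To run it against a real file, read the log in binary mode (open(path, "rb")) and pass the bytes to the same functions.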