Gentoo Archives: gentoo-user

From: Helmut Jarausch <jarausch@××××××××××××××××.de>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Syslog-ng is writing binary
Date: Sat, 27 Dec 2014 12:10:26
Message-Id: 1419682217.29481.0@numa-be
In Reply to: Re: [gentoo-user] Syslog-ng is writing binary by Mick
1 On 12/27/2014 10:52:04 AM, Mick wrote:
2 > On Friday 26 Dec 2014 23:33:33 Peter Humphrey wrote:
3 > > Hello list,
4 > >
5 > > For some time now I've had syslog-ng writing /var/log/messages in a
6 > binary
7 > > format:
8 > >
9 > > # file /var/log/messages
10 > > /var/log/messages: data
11 > > # grep syslog-ng /var/log/messages
12 > > Binary file /var/log/messages matches
13 > >
14 > > Yet:
15 > >
16 > > # head /var/log/messages
17 > > Dec 21 03:10:02 wstn run-crons[29014]: (root) CMD
18 > (/etc/cron.daily/man-db)
19 > > [...]
20 > >
21 > > Can I use the following method to restore the original text format
22 > of
23 > > /var/log/messages?
24 > >
25 > > 1. Boot rescue system and mount main system
26 > > 2. # cd /mnt/main/var/log
27 > > 3. # mv messages messages.bin
28 > > 4. # strings messages.bin > messages
29 > > 5. # rm messages.bin
30 > > 6. Reboot.
31 > >
32 > > I tried steps 1 - 4 and got a text file with very long lines, but I
33 > > chickened out before rebooting.
34 > >
35 > > It would be nice to find a config setting that's changed, but the
36 > change
37 > > log is silent and the admin guide gives me a headache :-(
38 >
39 >
40 > I don't know if this is a matter of changing some setting a in a
41 > config file -
42 > I haven't found any yet. It seems that upon boot up some binary data
43 > is
44 > written in the otherwise plain text logs:
45 >
46 >
47 > Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
48 > version='3.4.8'
49 > Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
50 > version='3.4.8'
51 > Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
52 > version='3.4.8'
53 > Dec 22 10:15:21
54 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
55 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
56 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
57 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
58 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
59 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
60 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
61 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup
62 > subsys
63 > cpuset
64 >
65 > Dec 22 10:15:21
66 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
67 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
68 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
69 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
70 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
71 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
72 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
73 > ^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset
74 > Dec 22 10:15:21
75 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
76 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
77 > ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
78 > ^@^@^@^@^@^@^@^@^@^@
79 > [snip ...]
80 >
81 > I don't know if this is caused by some systemd infection of our
82 > systems! LOL!
83 >
84 >
85 > If you use 'less -L /var/log/messages' or cat, then you will be able
86 > to view
87 > the logs in text format. If you need to grep stuff then you can use:
88 >
89 > grep --binary-files=text -i firewall /var/log/messages
90 > [snip ...]
91 >
92 > Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied **
93 > Dec 27 09:24:03 dell_xps firewall: ** All firewall rules applied **
94 >
95 >
96 > Be careful that using grep like this might cause your terminal to
97 > execute some
98 > of the binary output as a command (check the man page).
99 >
100 > --
101 > Regards,
102 > Mick
103 >
104
105 I think this was a long standig bug. Version 3.6.2 seems to have fixed
106 this.
107 Helmut.

Replies

Subject Author
Re: [gentoo-user] Syslog-ng is writing binary Peter Humphrey <peter@××××××××××××.uk>