1 |
On 14/11/2014 20:44, Helmut Jarausch wrote: |
2 |
> On 11/14/2014 06:46:28 PM, Alan McKinnon wrote: |
3 |
>> On 14/11/2014 18:18, Helmut Jarausch wrote: |
4 |
>>> On 11/13/2014 09:05:50 PM, Alan McKinnon wrote: |
5 |
>>>> On 13/11/2014 18:41, Helmut Jarausch wrote: |
6 |
>>>>> Hi, |
7 |
>>>>> |
8 |
>>>>> after upgrading from syslog-ng-3.5.6 to syslog-ng-3.6.1 my |
9 |
>> system |
10 |
>>>> has |
11 |
>>>>> stopped logging, i.e. I only get the messages |
12 |
>>>>> Nov 12 21:04:10 numa syslog-ng[1392]: syslog-ng shutting down; |
13 |
>>>>> version='3.6.1' |
14 |
>>>>> Nov 13 14:52:20 numa syslog-ng[1392]: syslog-ng starting up; |
15 |
>>>>> version='3.6.1' |
16 |
>>>>> |
17 |
>>>>> Has anybody observed the same problem, and how to fix it? |
18 |
>>>>> |
19 |
>>>>> Many thanks for a hint, |
20 |
>>>>> Helmut |
21 |
>>>>> |
22 |
>>>>> |
23 |
>>>> |
24 |
>>>> |
25 |
>>>> Run a syntax check on the config file, I don't have a man page to |
26 |
>>>> hand |
27 |
>>>> but it's quite obvious what the option is. |
28 |
>>>> syslog-ng has sometimes been picky about version numbers in the |
29 |
>> past |
30 |
>>>> and |
31 |
>>>> it's tagged in the config file. Read the syntax check output |
32 |
>>>> carefully |
33 |
>>>> to see if anything is amiss. |
34 |
>>> |
35 |
>>> Thanks, Alan. |
36 |
>>> |
37 |
>>> The only unusual message is |
38 |
>>> Systemd is not detected as the running init system; |
39 |
>>> |
40 |
>>> which is true since I still use openrc (but with systemd installed, |
41 |
>> as |
42 |
>>> well) |
43 |
>>> Could this be the culprit? |
44 |
>> |
45 |
>> |
46 |
>> I doubt it, I also use 3.6.1 without systemd. |
47 |
>> |
48 |
>> Please post eix syslog-ng so we can see how your USE is set up, and |
49 |
>> your |
50 |
>> syslog-ng.conf |
51 |
>> |
52 |
> Thanks, Alan. |
53 |
> |
54 |
> [U] app-admin/syslog-ng |
55 |
> Available versions: 3.4.7^t 3.4.8^t (~)3.5.6^t{tbz2}[1] |
56 |
> (~)3.6.1^t{tbz2} {amqp caps dbi geoip ipv6 json mongodb pacct +pcre |
57 |
> redis smtp spoof-source ssl systemd tcpd} |
58 |
> Installed versions: 3.5.6^t{tbz2}[1](05:21:52 PM 11/14/2014)(ipv6 |
59 |
> json pcre ssl systemd tcpd -amqp -caps -dbi -geoip -mongodb -pacct - |
60 |
> smtp -spoof-source) |
61 |
> Homepage: http://www.balabit.com/network-security/ |
62 |
> syslog-ng |
63 |
> Description: syslog replacement with advanced filtering |
64 |
> features |
65 |
|
66 |
|
67 |
I don't find any info on what the syslog-ng ebuild does with |
68 |
USE=systemd, I suspect it may want to use the fancy logging features |
69 |
built into systemd. |
70 |
|
71 |
Since you have it, but don't run it, does USE=-systemd fix the issue? |
72 |
|
73 |
|
74 |
> |
75 |
> And here are the config files (I've left out the commented lines) |
76 |
> |
77 |
> ================ /etc/syslog-ng/scl.conf ============================= |
78 |
> @define scl-root "`syslog-ng-data`/include/scl" |
79 |
> @define include-path "`include-path`:`syslog-ng-data`/include" |
80 |
> |
81 |
> @include 'scl/system/plugin.conf' |
82 |
> @include 'scl/pacct/plugin.conf' |
83 |
> @include 'scl/syslogconf/plugin.conf' |
84 |
> |
85 |
> ================ /etc/syslog-ng/syslog-ng.conf ================= |
86 |
> options { |
87 |
> threaded(yes); |
88 |
> chain_hostnames(no); |
89 |
> stats_freq(43200); |
90 |
> |
91 |
> mark_freq(3600); |
92 |
> }; |
93 |
> |
94 |
> source src { system(); internal(); }; |
95 |
> |
96 |
> destination messages { file("/var/log/messages"); }; |
97 |
> destination console_all { file("/dev/tty12"); }; |
98 |
> log { source(src); destination(messages); }; |
99 |
> log { source(src); destination(console_all); }; |
100 |
> |
101 |
> |
102 |
> ================ /etc/conf.d/syslog-ng ================= |
103 |
> SYSLOG_NG_OPTS="" |
104 |
|
105 |
|
106 |
That all looks normal, I don't see anything problematic there |
107 |
|
108 |
|
109 |
-- |
110 |
Alan McKinnon |
111 |
alan.mckinnon@×××××.com |