Gentoo Archives: gentoo-user

From:	Mick <michaelkintzios@×××××.com>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] Syslog-ng is writing binary
Date:	Sat, 27 Dec 2014 09:52:25
Message-Id:	`201412270952.13419.michaelkintzios@gmail.com`
In Reply to:	[gentoo-user] Syslog-ng is writing binary by Peter Humphrey

1	On Friday 26 Dec 2014 23:33:33 Peter Humphrey wrote:
2	> Hello list,
3	>
4	> For some time now I've had syslog-ng writing /var/log/messages in a binary
5	> format:
6	>
7	> # file /var/log/messages
8	> /var/log/messages: data
9	> # grep syslog-ng /var/log/messages
10	> Binary file /var/log/messages matches
11	>
12	> Yet:
13	>
14	> # head /var/log/messages
15	> Dec 21 03:10:02 wstn run-crons[29014]: (root) CMD (/etc/cron.daily/man-db)
16	> [...]
17	>
18	> Can I use the following method to restore the original text format of
19	> /var/log/messages?
20	>
21	> 1. Boot rescue system and mount main system
22	> 2. # cd /mnt/main/var/log
23	> 3. # mv messages messages.bin
24	> 4. # strings messages.bin > messages
25	> 5. # rm messages.bin
26	> 6. Reboot.
27	>
28	> I tried steps 1 - 4 and got a text file with very long lines, but I
29	> chickened out before rebooting.
30	>
31	> It would be nice to find a config setting that's changed, but the change
32	> log is silent and the admin guide gives me a headache :-(
33
34
35	I don't know if this is a matter of changing some setting a in a config file -
36	I haven't found any yet. It seems that upon boot up some binary data is
37	written in the otherwise plain text logs:
38
39
40	Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
41	version='3.4.8'
42	Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
43	version='3.4.8'
44	Dec 22 10:15:21 dell_xps syslog-ng[1526]: syslog-ng starting up;
45	version='3.4.8'
46	Dec 22 10:15:21 ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
47	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
48	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
49	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
50	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
51	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
52	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
53	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys
54	cpuset
55
56	Dec 22 10:15:21
57	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
58	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
59	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
60	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
61	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
62	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
63	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
64	^@^@^@^@^@^@^@^@^@^@ kernel: Initializing cgroup subsys cpuset
65	Dec 22 10:15:21
66	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
67	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
68	^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
69	^@^@^@^@^@^@^@^@^@^@
70	[snip ...]
71
72	I don't know if this is caused by some systemd infection of our systems! LOL!
73
74
75	If you use 'less -L /var/log/messages' or cat, then you will be able to view
76	the logs in text format. If you need to grep stuff then you can use:
77
78	grep --binary-files=text -i firewall /var/log/messages
79	[snip ...]
80
81	Dec 27 09:24:03 dell_xps firewall: All firewall rules applied
82	Dec 27 09:24:03 dell_xps firewall: All firewall rules applied
83
84
85	Be careful that using grep like this might cause your terminal to execute some
86	of the binary output as a command (check the man page).
87
88	--
89	Regards,
90	Mick

Attachments

File name	MIME type
signature.asc	application/pgp-signature

Replies

Subject	Author
Re: [gentoo-user] Syslog-ng is writing binary	Helmut Jarausch <jarausch@××××××××××××××××.de>

Report Message

Find on MARC Find on Google Groups