System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

syslogd in chroot forwarding to central server

SOLVED
Go to solution
Jeff_Traigle
Honored Contributor

syslogd in chroot forwarding to central server

I have the chroot environment working. There's a syslogd running in the chroot environment so messages get logged to /var/adm/syslog/syslog.log and /newroot/var/adm/syslog/syslog.log. I have both instances configured to forward all messages to our central syslog server. The chroot instance of syslogd is not forwarding its messages, however. I copied /etc/resolv.conf to /new/root/etc/resolv.conf so the hostname can be resolved via DNS. Must be something else I'm missing (or it simply won't work for some reason). Anyone done this?

--
Jeff Traigle
7 REPLIES
Laurent Menase
Honored Contributor

Re: syslogd in chroot forwarding to central server

do you have a /new/root/etc/syslog.conf

Naj
Valued Contributor

Re: syslogd in chroot forwarding to central server

Hi,

How about config file for log, did you config properly?

____________________________________________
:: Really appreciate if you could assign some points.
:: Don't know how to assign point? Click the KUDOS! star!
Jeff_Traigle
Honored Contributor

Re: syslogd in chroot forwarding to central server

Same syslog.conf for both instances:

 

mail.debug              /var/adm/syslog/mail.log
*.info;mail.none        /var/adm/syslog/syslog.log
*.alert                 /dev/console
*.alert                 root
*.emerg                 *
*.info       @loghost

--
Jeff Traigle
Denver Osborn
Honored Contributor

Re: syslogd in chroot forwarding to central server

Have you tried running the chroot'd syslogd in debug mode?

 

/usr/sbin/syslogd -d -D -N

 

-denver

Jeff_Traigle
Honored Contributor

Re: syslogd in chroot forwarding to central server

Hey, Denver. Hope all is well with you.

 

I haven't yet. Figured there was some debug option, but hadn't looked at it yet. Been bouncing between several projects and just helping out on this one. I'll try it today to see what info it yields and report back.

--
Jeff Traigle
Denver Osborn
Honored Contributor
Solution

Re: syslogd in chroot forwarding to central server

Hey Jeff, all is well here.

 

I was able to play around and got it working on an 11iv3 box. Here's what I have in my chroot.  I suspect you're either missing libnss_* libs or ip dev special files from your chroot.  Turns out the debug option didn't help any, so I ran tusc against the chrooted syslogd and copied what was missing.

 

 root/newroot # find ./
.
./etc
./etc/syslog.conf
./etc/services
./etc/resolv.conf
./etc/nsswitch.conf
./var
./var/adm
./var/adm/syslog
./var/adm/syslog/mail.log
./var/adm/syslog/syslog.log
./usr
./usr/sbin
./usr/sbin/syslogd
./usr/sbin/tusc
./usr/lib
./usr/lib/libc.2
./usr/lib/libdld.2
./usr/lib/dld.sl
./usr/lib/libnss_compat.1
./usr/lib/libnss_dce.1
./usr/lib/libnss_dns.1
./usr/lib/libnss_files.1
./usr/lib/libnss_nis.1
./usr/lib/tztab
./usr/bin
./usr/bin/ps
./usr/bin/logger
./sbin
./sbin/sh
./sbin/ls
./sbin/cat
./dev
./dev/log
./dev/console
./dev/udp
./dev/log.un
./dev/ip
./dev/ip6
./dev/rawip
./dev/rawip6
./dev/udp6

Jeff_Traigle
Honored Contributor

Re: syslogd in chroot forwarding to central server

Thanks, Denver. We were missing services, the IP and UDP device files, and some of the libnss libraries that ssh_chroot_setup.sh didn't copy. It's working like a champ now.

--
Jeff Traigle