[H-GEN] /dev/log inside a chroot
Martin Pool
mbp at linuxcare.com.au
Tue Aug 22 23:44:42 EDT 2000
On Wed, Aug 23, 2000 at 12:33:43PM +1000, Bruce Campbell wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Please observe the list's charter. ]
>
> On Wed, 23 Aug 2000, David Jericho wrote:
>
> davidj> A lot of applications obviously write to /dev/log as
> davidj> opposed to using udp based syslog logging. But inside a
> davidj> chroot, the new /dev/log isn't the same as the old
> davidj> /dev/log that syslog has opened.
> davidj>
> davidj> How do I go about fixing this? That is, getting the
> davidj> chrooted version of /dev/log to work?
>
> As long as the device is created with the appropriate major and minor
> numbers as the true /dev/log, messages written to /chroot/dev/log (ugh)
> should turn up in the global syslog.
If it had major/minor number that would be true, but as it doesn't it
isn't:
srw-rw-rw- 1 root root 0 Aug 23 06:30 /dev/log
This is a Unix domain socket, so you cannot just copy it. (?)
Either run a second copy of syslog as Mark suggested, or make programs
in the jail log over UDP to localhost, or use syslog-ng, which is
standard in recent Debians. Here, you can say:
source src { unix-stream("/dev/log"); unix-stream("/jail/dev/log"); internal(); };
--
Martin Pool
The right to use PGP is the right to speak Navajo.
-- Eben Moglen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20000823/0e588270/attachment.sig>
More information about the General
mailing list