/var/log
I find that within the /var/log folder it periodically creates the following files ksyms.0, ksyms.1, ksyms.2, etc. What are these files?
I also noticed going through my messages file that /var/log/wtmp changed mode from 664 to 600? Why is this so? |
well, the .0 or .1 files are old logs that are rotated. All your log files should be 600 for security reasons.
|
Archite,
Thank you however what is the difference between syslog, messages and ksyms.0, etc? They can't be logging the same events. |
Logfiles are somewhat distro specific I've found ... you should check your /etc/syslog.conf to see exactly what's being logged where. On many distros, messages logs everything except user authentication logging, which is handled by secure. I think ksyms may have something to do with the kernel, but I'm not totally sure. Most distros don't use syslog (Slackware being the one exception I can think of). In any case, you can view your logging setup in the aforementioned /etc/syslog.conf and change it if you don't like the way things are set up.
|
btmiller,
I don't mind the way things are setup but it helps to know what each file does before I blindly change any settings. I am aware logging differs from distribution to distribution however would you be able to advice what is common between most distributions? |
The one thing that is basically the same in all is that log files are in /var/log. Anything else can be fair game.
|
Thank you all for your help
|
sorry. I wish that I could help you more. Send a few lines of output from that log file in question and maybe we can figure out what it is.
|
Archite,
Thanks, I did to a degree find out what each file does. I just went through them comparing one another although it remains vague to me which "software" writes to messages, secure, user.log, kysms.0[etc]. Would you have any idea? |
Read the man page for ksyms.
|
stickman,
Thanks for the point of reference. Would you however know which "software" creates those logs? I'm guessing at this stage syslogd. |
Look in rc.sysinit.
|
stickman,
what do I look for within the rc.sysinit file? |
I think the obvious thing would be ksyms...
|
stickman,
Of course but saying that syslogd nor /etc/syslog.conf have any reference to ksyms.0, etc. Also the man pages on ksyms seems very arbitrary (to me at least since I'm relatively new to the world of Linux) |
All times are GMT -5. The time now is 12:59 AM. |