I mistakenly deleted my syslog file!! How can I ask Ubuntu to return and write to it?
Hi guys,
I mistakenly deleted my 'syslog' file, from /var/log/ directory. I wanted to clean the log from its history so I deleted the file, hoping the system will create a new one. But I noticed the system doesn't create a new one... and now I don't have the a system log anymore!! I tried creating a blank file by the same name, but it didn't help. I also tried copying back an older copy of the file to the same folder, but that didn't help either. Does anyone have an idea how can I make Ubuntu return writing to the syslog in /var/log/ ? Thanks, Koby |
Ubuntu - What version/build/release/spin?
|
[QUOTE=kobygold;5468031Does anyone have an idea how can I make Ubuntu return writing to the syslog in /var/log/ ?
[/QUOTE] Code:
~# service rsyslog restart |
Thanks guys.
Habitual, I'm using Ubuntu 14.04 LTS hortageno, I tried your command "~# service rsyslog restart" and got this error message: ~#: command not found Then tried changing it slightly to "service rsyslog restart" and got those warning messages: stop: Unknown job: rsyslog start: Unknown job: rsyslog Lastly I tried with sudo: "sudo service rsyslog restart" and got this messages: rsyslog stop/waiting rsyslog start/running, process 21920 I guess the last try is the correct one, right...? Anyway, the syslog still doesn't change and is still empty (I created an empty file before running your command) Am I doing something wrong...? Do I need a restart to the Ubuntu...? Is the directory from where I run the command important...? (I ran it from /var/log/) Thanks, Koby |
n/m.
|
Hi Habitual,
Thanks, but can you be more specific...? I don't understand what 'n/m' mean. Thanks, Koby |
I mistakenly deleted my syslog file!! How can I ask Ubuntu to return and write to it?
Remove the "~#" from the command. This was supposed to indicate that you need to run the command as root.
|
Thanks you very much guys, it worked!!
Two more small things: 1. I noticed that I can't read the syslog as a regular user, only as a SU. I get "permission denied" error message. Before deleting the file I was able to read it. Can I change that? 2. Can I clear the content of the syslog once in a while without interfering its process? If yes, what is the command for doing that? Thanks, Koby |
Re 2; that's job for logrotate - usually specified as /etc/logrotate.conf & /etc/logrotate.d/syslog (or similar)
|
Thanks chrism01 for your answer!
I've read a bit about the 'logrotate' command, and understood that it can be used to clean/compress/mail the log automatically daily, weekly etc. I found another command that cleans the log upon request, which is more the usage case I need. If anyone needs it here it is: Code:
sudo bash -c ">/var/log/syslog" |
Last question,
I still couldn't find a way to allow me to read the syslog without the 'sudo' command. and I need it for some automation tools that don't have the SU permissions... I've noticed that the file 'group' has changed from 'syslog adm' to 'syslog syslog', and that seems to be the reason why I can't read it without the sudo. 'ls -la' shows the list below, where the first two files are accessible only using sudo, and last two are accessible regularly (without using sudo) You can see that the last two have 'syslog adm' where the first two have 'syslog syslog' Code:
-rw-r----- 1 syslog syslog 333974 Dec 24 11:01 syslog Thanks, Koby |
Quote:
Code:
... |
Thanks hortageno,
My rsyslog.conf file looks similar to yours (see below). Perhaps there's a difference at the PrivDropToUser & PrivDropToGroup properties...? Can I simply edit and change this config file...? Code:
# |
Add yourself to adm group.
Code:
sudo useradd -G adm kobygold Code:
sudo chown syslog:adm /var/log/syslog Check kobygold groups in terminal using Code:
groups $(whoami) |
Thanks Habitual!
It worked perfectly! You're the man! :) |
All times are GMT -5. The time now is 11:22 AM. |