/var/log/messages is empty in Fedora Core 8
 

Hi,

I reinstalled my server with Fedora Core 8 and my /var/log/messages is empty. The date of the file is the date of the day en the time is 04:40. So logwatch is doing something whit it but why is it empty?

:confused:

There is a file called lastlog in that same dir and the date and time of that file is changing a couple of time a day. So I guess lastlog is the right file but this is a binnary file?

:confused:

help

Is (r)syslogd running? If it is, does 'pgrep -f syslog|xargs -iP lsof -w -n -p 'P' +D/var/log' show it has /var/log/messages opened? Did you change anything in /etc/(r)syslog.conf? BTW, Logwatch only summarises log contents, it doesn't alter logs. Logfile management is done by 'logrotate'.

lastlog just tracks user logins;
there should be a command 'lastlog' that you can run that reads this file and reports when the last time users logged in. there are some options to it if you want to review the man page for more info.

as far as messages... unusual.
try this if SELinux is set to Enforcing to see if it just has mislabeled contexts and syslogd is being denied access.

Hi

I disabled the rsyslogd daemon :eek:

Since when is it called rsyslogd? I always thought it was just syslogd whitout the 'r'.

When I want to enable / disable some daemons I use the command 'ntsysv'.
Is there an other (better) way to do this?

i personally use 'chkconfig'; i don't know that i'd say it is better or worse but another way to do it. ;)

ntsysv does the same thing but in a "cleaner" (menu driven) manner, allowing you to (de-)select multiple services at a time and then performing the actions chosen on completion;

Disabling (r)syslog is *not* at all good practice.

It was an accident.