Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
I want to get logging working on my chrooted jail for sftp. I read that you need to add something like this to your startup scripts:
/sbin/syslogd -a /usr/chroot/dev/log
where /usr/chroot/dev/log is a file located under the chrooted root.
So, I assume that the startup script will be /etc/rc.syslog. Here is my question: do I need to start up two instances of syslog? Seems like I would to me, but I'm not sure. Would I just add the above line to the bottom of the rc.syslog file? Or try to edit it? Here is a snip from my current rc.syslog file:
<snip>
syslogd_start() {
  if [ -x /usr/sbin/syslogd -a -x /usr/sbin/klogd ]; then
    echo -n "Starting sysklogd daemons: "
    echo -n " /usr/sbin/syslogd"
    /usr/sbin/syslogd
    sleep 1 # prevent syslogd/klogd race condition on SMP kernels
    echo " /usr/sbin/klogd -c 3 -x"
    # '-c 3' = display level 'error' or higher messages on console
    # '-x' = turn off broken EIP translation
    /usr/sbin/klogd -c 3 -x
  fi
}
<end snip>
OPTIONS
-a socket
Using this argument you can specify additional
sockets from that syslogd has to listen to. This
is needed if you're going to let some daemon run
within a chroot() environment. You can use up to
19 additional sockets. If your environment needs
even more, you have to increase the symbol MAXFUNIX
within the syslogd.c source file. An example for a
chroot() daemon is described by the people from
OpenBSD at http://www.psionic.com/papers/dns.html.
(Sorry if I was being redundant)
If you run two instances (which you should be able to), it will be easier to keep the logs separate, if that's what you desire. Look at the -p and -f if so. I don't think that the standard syslog wouldn't let you filter on your source.
So two instances would be to add a line just after /usr/sbin/syslogd.
One instance would just add the -a <chrooted log socket> to that line.
I don't think Slackware has kill/stop scripts for syslog, does it?
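The single-instance variant described in the reply above (adding -a to the existing syslogd line), as an added example that is not code from the thread or from Slackware's own rc.syslog. CHROOT_JAILS and syslogd_chroot_args are hypothetical names, and jail paths are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added example: build "-a <jail>/dev/log" arguments for one syslogd instance.
# CHROOT_JAILS is a hypothetical, space-separated list of chroot roots.
CHROOT_JAILS="${CHROOT_JAILS:-/usr/chroot}"
MAX_EXTRA_SOCKETS=19   # limit given in the man page text quoted above

# Print the -a arguments for every jail that has a dev/ directory.
# Returns 1 if the list would exceed the additional-socket limit.
syslogd_chroot_args() {
  count=0
  args=""
  for jail in "$@"; do
    # The socket is created inside the jail, so its dev/ directory must exist.
    if [ ! -d "$jail/dev" ]; then
      echo "skipping $jail: no dev/ directory inside the jail" >&2
      continue
    fi
    count=$((count + 1))
    if [ "$count" -gt "$MAX_EXTRA_SOCKETS" ]; then
      echo "too many chroot sockets (max $MAX_EXTRA_SOCKETS)" >&2
      return 1
    fi
    args="$args -a $jail/dev/log"
  done
  echo "${args# }"
}

# Same structure as the rc.syslog snippet in the question, with the extra
# sockets appended to the existing syslogd line.
syslogd_start() {
  if [ -x /usr/sbin/syslogd -a -x /usr/sbin/klogd ]; then
    extra=$(syslogd_chroot_args $CHROOT_JAILS) || return 1
    echo -n "Starting sysklogd daemons: "
    echo -n " /usr/sbin/syslogd $extra"
    /usr/sbin/syslogd $extra
    sleep 1 # prevent syslogd/klogd race condition on SMP kernels
    echo " /usr/sbin/klogd -c 3 -x"
    /usr/sbin/klogd -c 3 -x
  fi
}
```

Messages arriving on the jail sockets land in the same files as the host's own messages, which is the trade-off against the two-instance setup mentioned in the reply.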