sysnlog-ng lock whole machine ...

hi,

the machine is Linux 2.4.25 on i686, debian woody. it's a log-host
for about 30 other machines also.

1st: please confirm how do I log kernel messages (assuming klogd is NOT
running):

with this:

source ksrc { file("/proc/kmsg"); };

or this:

source ksrc { pipe("/proc/kmsg"); };


2nd: the machine "hangs" from time to time - cron is hanging, login is
not spawning shell, sshd too. i have pinpointed it so i'm pretty sure
that all those processes hang on socket connection to /dev/log. killing
syslog-ng cures that.

what can I do?

thanks in advance, P

PS. my config:

options { long_hostnames(off); sync(0)};

source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
source net { udp(); };

filter f_auth           { facility(auth, authpriv) and not match("cron"); };
filter f_NOauth         { not facility(auth, authpriv); };

filter f_cron           { facility(cron) or match("cron"); };
filter f_NOcron         { not facility(cron) and not match("cron"); };

filter f_daemon         { facility(daemon); };
filter f_kern           { facility(kern); };
filter f_lpr            { facility(lpr); };
filter f_mailnews       { facility(mail, news); };
filter f_user           { facility(user); };
filter f_uucp           { facility(uucp); };

filter p_debug          { level(debug); };
filter p_info           { level(info); };
filter p_notice         { level(notice); };
filter p_warn           { level(warn); };
filter p_err            { level(err); };
filter p_crit           { level(crit); };
filter p_alert          { level(alert); };
filter p_emergency      { level(emerg); };

filter f_all            { level(debug..emerg); };

filter f_iptables       { facility(kern) and match("IN=[A-Za-z0-9]* 
OUT=[A-Za-z0-9]*"); };
filter f_NOiptables     {                not match("IN=[A-Za-z0-9]* 
OUT=[A-Za-z0-9]*"); };

filter f_named          { level(debug..emerg) and match("named"); };
filter f_NOnamed        {                     not match("named"); };

filter f_dhcpd          { level(debug..emerg) and match("dhcpd"); };
filter f_NOdhcpd        {                     not match("dhcpd"); };

destination authlog     { file("/var/log/syslog/auth.log"); };
destination cron        { file("/var/log/syslog/cron.log"); };
destination syslog      { file("/var/log/syslog/syslog.log"); };
destination iptables    { file("/var/log/syslog/iptables.log"); };
destination named       { file("/var/log/syslog/named.log"); };
destination dhcpd       { file("/var/log/syslog/dhcpd.log"); };

destination tty11       { file("/dev/tty11"); };
destination tty12       { file("/dev/tty12"); };

log { source(src); filter(f_auth);      destination(authlog); };
log { source(src); filter(f_auth);      destination(tty11); };

log { source(src); filter(f_cron);      destination(cron); };

log { source(src); filter(f_all); filter(f_NOcron); filter(f_NOauth); 
filter(f_NOiptables); filter(f_NOnamed); filter(f_NOdhcpd); 
destination(syslog); };
log { source(src); filter(f_all); filter(f_NOcron); filter(f_NOauth); 
filter(f_NOiptables); filter(f_NOnamed); filter(f_NOdhcpd); destination(tty12); 
};

log { source(src); filter(f_iptables);  destination(iptables); };
log { source(src); filter(f_named);     destination(named); };
log { source(src); filter(f_dhcpd);     destination(dhcpd); };

filter f_pix            { host("pix"); };       destination pix         { 
file("/var/log/syslog/pix.log"); };           log { source(net); filter(f_pix); 
      destination(pix); };
filter f_lit            { host("lit"); };       destination lit         { 
file("/var/log/syslog/lit.log"); };           log { source(net); filter(f_lit); 
      destination(lit); };
filter f_beryl          { host("beryl"); };     destination beryl       { 
file("/var/log/syslog/beryl.log"); };         log { source(net); 
filter(f_beryl);     destination(beryl); };
filter f_bor            { host("bor"); };       destination bor         { 
file("/var/log/syslog/bor.log"); };           log { source(net); filter(f_bor); 
      destination(bor); };
filter f_wegiel         { host("wegiel"); };    destination wegiel      { 
file("/var/log/syslog/wegiel.log"); };        log { source(net); 
filter(f_wegiel);    destination(wegiel); };
filter f_azot           { host("azot"); };      destination azot        { 
file("/var/log/syslog/azot.log"); };          log { source(net); 
filter(f_azot);      destination(azot); };
filter f_tlen           { host("tlen"); };      destination tlen        { 
file("/var/log/syslog/tlen.log"); };          log { source(net); 
filter(f_tlen);      destination(tlen); };
filter f_fluor          { host("fluor"); };     destination fluor       { 
file("/var/log/syslog/fluor.log"); };         log { source(net); 
filter(f_fluor);     destination(fluor); };
filter f_neon           { host("neon"); };      destination neon        { 
file("/var/log/syslog/neon.log"); };          log { source(net); 
filter(f_neon);      destination(neon); };
filter f_hel            { host("hel"); };       destination hel         { 
file("/var/log/syslog/hel.log"); };           log { source(net); filter(f_hel); 
      destination(hel); };
filter f_sod            { host("sod"); };       destination sod         { 
file("/var/log/syslog/sod.log"); };           log { source(net); filter(f_sod); 
      destination(sod); };
filter f_magnez         { host("magnez"); };    destination magnez      { 
file("/var/log/syslog/magnez.log"); };        log { source(net); 
filter(f_magnez);    destination(magnez); };
filter f_glin           { host("glin"); };      destination glin        { 
file("/var/log/syslog/glin.log"); };          log { source(net); 
filter(f_glin);      destination(glin); };
filter f_krzem          { host("krzem"); };     destination krzem       { 
file("/var/log/syslog/krzem.log"); };         log { source(net); 
filter(f_krzem);     destination(krzem); };
filter f_fosfor         { host("fosfor"); };    destination fosfor      { 
file("/var/log/syslog/fosfor.log"); };        log { source(net); 
filter(f_fosfor);    destination(fosfor); };
filter f_siarka         { host("siarka"); };    destination siarka      { 
file("/var/log/syslog/siarka.log"); };        log { source(net); 
filter(f_siarka);    destination(siarka); };
filter f_chlor          { host("chlor"); };     destination chlor       { 
file("/var/log/syslog/chlor.log"); };         log { source(net); 
filter(f_chlor);     destination(chlor); };
filter f_argon          { host("argon"); };     destination argon       { 
file("/var/log/syslog/argon.log"); };         log { source(net); 
filter(f_argon);     destination(argon); };
filter f_potas          { host("potas"); };     destination potas       { 
file("/var/log/syslog/potas.log"); };         log { source(net); 
filter(f_potas);     destination(potas); };
filter f_wapn           { host("wapn"); };      destination wapn        { 
file("/var/log/syslog/wapn.log"); };          log { source(net); 
filter(f_wapn);      destination(wapn); };
filter f_gal            { host("gal"); };       destination gal         { 
file("/var/log/syslog/gal.log"); };           log { source(net); filter(f_gal); 
      destination(gal); };
filter f_german         { host("german"); };    destination german      { 
file("/var/log/syslog/german.log"); };        log { source(net); 
filter(f_german);    destination(german); };
filter f_arsen          { host("arsen"); };     destination arsen       { 
file("/var/log/syslog/arsen.log"); };         log { source(net); 
filter(f_arsen);     destination(arsen); };
filter f_selen          { host("selen"); };     destination selen       { 
file("/var/log/syslog/selen.log"); };         log { source(net); 
filter(f_selen);     destination(selen); };
filter f_brom           { host("brom"); };      destination brom        { 
file("/var/log/syslog/brom.log"); };          log { source(net); 
filter(f_brom);      destination(brom); };
filter f_krypton        { host("krypton"); };   destination krypton     { 
file("/var/log/syslog/krypton.log"); };       log { source(net); 
filter(f_krypton);   destination(krypton); };
filter f_rubid          { host("rubid"); };     destination rubid       { 
file("/var/log/syslog/rubid.log"); };         log { source(net); 
filter(f_rubid);     destination(rubid); };
filter f_stront         { host("stront"); };    destination stront      { 
file("/var/log/syslog/stront.log"); };        log { source(net); 
filter(f_stront);    destination(stront); };
filter f_ind            { host("ind"); };       destination ind         { 
file("/var/log/syslog/ind.log"); };           log { source(net); filter(f_ind); 
      destination(ind); };
filter f_cyna           { host("cyna"); };      destination cyna        { 
file("/var/log/syslog/cyna.log"); };          log { source(net); 
filter(f_cyna);      destination(cyna); };
filter f_antymon        { host("antymon"); };   destination antymon     { 
file("/var/log/syslog/antymon.log"); };       log { source(net); 
filter(f_antymon);   destination(antymon); };
filter f_tellur         { host("tellur"); };    destination tellur      { 
file("/var/log/syslog/tellur.log"); };        log { source(net); 
filter(f_tellur);    destination(tellur); };

-- 
Pawel Dziekonski <pawel.dziekonski|@|pwr.wroc.pl>, KDM WCSS avatar:0:0:
Wroclaw Networking & Supercomputing Center, HPC Department
-> See message headers for privacy policy and S/MIME info.
_______________________________________________
syslog-ng maillist  -  syslog-ng@xxxxxxxxxxxxxxxx
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html