system log stop logging












0















Was trying to enable log for chroot users
May have done sth. wrong ,find ls -l in /var/log most log files size stay 0.
Try to fix it followed this answer 



# systemctl restart systemd-journald.socket

# systemctl start rsyslogd

Failed to start rsyslogd.service: Unit rsyslogd.service not found.


and this answer 



# logger -s "hellow"

logger: socket /dev/log: No such file or directory

# sudo rsyslogd -N6 | head -10

sudo: unable to resolve host iZ26v45oj3yjtmZ

rsyslogd: version 8.16.0, config validation run (level 6), master config /etc/rsyslog.conf

rsyslogd: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a RainerScript command (v6+ config)? [v8.16.0 try http://www.rsyslog.com/e/2222 ]



# ls /dev/log

ls: cannot access '/dev/log': No such file or directory


And checked syslogd is running



#lsof -f -p 5379

syslogd 5379 root   16w   REG              253,1        0    1844521 /var/log/news/news.err

syslogd 5379 root   17w   REG              253,1        0    1844536 /var/log/news/news.notice

syslogd 5379 root   18w   REG              253,1     3282    1580873 /var/log/debug.1 (deleted)

syslogd 5379 root   19w   REG              253,1   110492    1580898 /var/log/messages.1 (deleted)

syslogd 5379 root   20u  FIFO                0,6      0t0        423 /dev/xconsole

syslogd 5379 root   21u  unix 0xffff880138be9400      0t0     212524 /dev/log type=DGRAM


The /etc/rsyslog.conf file



#################

#### MODULES ####

#################



module(load="imuxsock") # provides support for local system logging

module(load="imklog")   # provides kernel logging support

#module(load="immark")  # provides --MARK-- message capability



# provides UDP syslog reception

#module(load="imudp")

#input(type="imudp" port="514")



# provides TCP syslog reception

#module(load="imtcp")

#input(type="imtcp" port="514")

# Enable non-kernel facility klog messages

$KLogPermitNonKernelFacility on



###########################

#### GLOBAL DIRECTIVES ####

###########################



#

# Use traditional timestamp format.

# To enable high precision timestamps, comment out the following line.

#

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat



# Filter duplicated messages

$RepeatedMsgReduction on

#

# Set the default permissions for all log files.

#

$FileOwner syslog

$FileGroup adm

$FileCreateMode 0640

$DirCreateMode 0755

$Umask 0022

$PrivDropToUser syslog

$PrivDropToGroup syslog



#

# Where to place spool and state files

#

$WorkDirectory /var/spool/rsyslog



#

# Include all config files in /etc/rsyslog.d/

#

$IncludeConfig /etc/rsyslog.d/*.conf


The /etc/syslog.conf file



#  /etc/syslog.conf     Configuration file for inetutils-syslogd.

#

#                       For more information see syslog.conf(5) manpage.



#

# First some standard logfiles.  Log by facility.

#



auth,authpriv.*                 /var/log/auth.log

*.*;auth,authpriv.none          -/var/log/syslog

#cron.*                         /var/log/cron.log

daemon.*                        -/var/log/daemon.log

kern.*                          -/var/log/kern.log

lpr.*                           -/var/log/lpr.log

mail.*                          -/var/log/mail.log

user.*                          -/var/log/user.log

uucp.*                          /var/log/uucp.log



#

# Logging for the mail system.  Split it up so that

# it is easy to write scripts to parse these files.

#

mail.info                       -/var/log/mail.info

mail.warn                       -/var/log/mail.warn

mail.err                        /var/log/mail.err



# Logging for INN news system

#

news.crit                       /var/log/news/news.crit

news.err                        /var/log/news/news.err

news.notice                     -/var/log/news/news.notice



#

# Some `catch-all' logfiles.

#

*.=debug;

        auth,authpriv.none;

        news.none;mail.none     -/var/log/debug

*.=info;*.=notice;*.=warn;

        auth,authpriv.none;

        cron,daemon.none;

        mail,news.none          -/var/log/messages



#

# Emergencies are sent to everybody logged in.

#

*.emerg                         *



#

# I like to have messages displayed on the console, but only on a virtual

# console I usually leave idle.

#

#daemon,mail.*;

#       news.=crit;news.=err;news.=notice;

#       *.=debug;*.=info;

#       *.=notice;*.=warn       /dev/tty8



# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,

# you must invoke `xconsole' with the `-file' option:

#

#    $ xconsole -file /dev/xconsole [...]

#

# NOTE: adjust the list below, or you'll go crazy if you have a reasonably

#      busy site..

#

daemon.*;mail.*;

        news.crit;news.err;news.notice;

        *.=debug;*.=info;

        *.=notice;*.=warn       |/dev/xconsole


Problems here are:
1.




Failed to start rsyslogd.service




2.




ls: cannot access '/dev/log': No such file or directory






  1. ls -l /var/log most log file's size is 0






syslog rsyslog







share|improve this question

























  • stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

    – Luv33preet
    Jul 28 '17 at 7:45













  • the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

    – Shihe Zhang
    Jul 28 '17 at 7:57











  • no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

    – Luv33preet
    Jul 28 '17 at 8:06











  • Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

    – Shihe Zhang
    Jul 28 '17 at 8:34
















0















Was trying to enable log for chroot users
May have done sth. wrong ,find ls -l in /var/log most log files size stay 0.
Try to fix it followed this answer 



# systemctl restart systemd-journald.socket

# systemctl start rsyslogd

Failed to start rsyslogd.service: Unit rsyslogd.service not found.


and this answer 



# logger -s "hellow"

logger: socket /dev/log: No such file or directory

# sudo rsyslogd -N6 | head -10

sudo: unable to resolve host iZ26v45oj3yjtmZ

rsyslogd: version 8.16.0, config validation run (level 6), master config /etc/rsyslog.conf

rsyslogd: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a RainerScript command (v6+ config)? [v8.16.0 try http://www.rsyslog.com/e/2222 ]



# ls /dev/log

ls: cannot access '/dev/log': No such file or directory


And checked syslogd is running



#lsof -f -p 5379

syslogd 5379 root   16w   REG              253,1        0    1844521 /var/log/news/news.err

syslogd 5379 root   17w   REG              253,1        0    1844536 /var/log/news/news.notice

syslogd 5379 root   18w   REG              253,1     3282    1580873 /var/log/debug.1 (deleted)

syslogd 5379 root   19w   REG              253,1   110492    1580898 /var/log/messages.1 (deleted)

syslogd 5379 root   20u  FIFO                0,6      0t0        423 /dev/xconsole

syslogd 5379 root   21u  unix 0xffff880138be9400      0t0     212524 /dev/log type=DGRAM


The /etc/rsyslog.conf file



#################

#### MODULES ####

#################



module(load="imuxsock") # provides support for local system logging

module(load="imklog")   # provides kernel logging support

#module(load="immark")  # provides --MARK-- message capability



# provides UDP syslog reception

#module(load="imudp")

#input(type="imudp" port="514")



# provides TCP syslog reception

#module(load="imtcp")

#input(type="imtcp" port="514")

# Enable non-kernel facility klog messages

$KLogPermitNonKernelFacility on



###########################

#### GLOBAL DIRECTIVES ####

###########################



#

# Use traditional timestamp format.

# To enable high precision timestamps, comment out the following line.

#

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat



# Filter duplicated messages

$RepeatedMsgReduction on

#

# Set the default permissions for all log files.

#

$FileOwner syslog

$FileGroup adm

$FileCreateMode 0640

$DirCreateMode 0755

$Umask 0022

$PrivDropToUser syslog

$PrivDropToGroup syslog



#

# Where to place spool and state files

#

$WorkDirectory /var/spool/rsyslog



#

# Include all config files in /etc/rsyslog.d/

#

$IncludeConfig /etc/rsyslog.d/*.conf


The /etc/syslog.conf file



#  /etc/syslog.conf     Configuration file for inetutils-syslogd.

#

#                       For more information see syslog.conf(5) manpage.



#

# First some standard logfiles.  Log by facility.

#



auth,authpriv.*                 /var/log/auth.log

*.*;auth,authpriv.none          -/var/log/syslog

#cron.*                         /var/log/cron.log

daemon.*                        -/var/log/daemon.log

kern.*                          -/var/log/kern.log

lpr.*                           -/var/log/lpr.log

mail.*                          -/var/log/mail.log

user.*                          -/var/log/user.log

uucp.*                          /var/log/uucp.log



#

# Logging for the mail system.  Split it up so that

# it is easy to write scripts to parse these files.

#

mail.info                       -/var/log/mail.info

mail.warn                       -/var/log/mail.warn

mail.err                        /var/log/mail.err



# Logging for INN news system

#

news.crit                       /var/log/news/news.crit

news.err                        /var/log/news/news.err

news.notice                     -/var/log/news/news.notice



#

# Some `catch-all' logfiles.

#

*.=debug;

        auth,authpriv.none;

        news.none;mail.none     -/var/log/debug

*.=info;*.=notice;*.=warn;

        auth,authpriv.none;

        cron,daemon.none;

        mail,news.none          -/var/log/messages



#

# Emergencies are sent to everybody logged in.

#

*.emerg                         *



#

# I like to have messages displayed on the console, but only on a virtual

# console I usually leave idle.

#

#daemon,mail.*;

#       news.=crit;news.=err;news.=notice;

#       *.=debug;*.=info;

#       *.=notice;*.=warn       /dev/tty8



# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,

# you must invoke `xconsole' with the `-file' option:

#

#    $ xconsole -file /dev/xconsole [...]

#

# NOTE: adjust the list below, or you'll go crazy if you have a reasonably

#      busy site..

#

daemon.*;mail.*;

        news.crit;news.err;news.notice;

        *.=debug;*.=info;

        *.=notice;*.=warn       |/dev/xconsole


Problems here are:
1.




Failed to start rsyslogd.service




2.




ls: cannot access '/dev/log': No such file or directory






  1. ls -l /var/log most log file's size is 0






syslog rsyslog







share|improve this question

























  • stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

    – Luv33preet
    Jul 28 '17 at 7:45













  • the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

    – Shihe Zhang
    Jul 28 '17 at 7:57











  • no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

    – Luv33preet
    Jul 28 '17 at 8:06











  • Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

    – Shihe Zhang
    Jul 28 '17 at 8:34














0












0








0








Was trying to enable log for chroot users
May have done sth. wrong ,find ls -l in /var/log most log files size stay 0.
Try to fix it followed this answer 



# systemctl restart systemd-journald.socket

# systemctl start rsyslogd

Failed to start rsyslogd.service: Unit rsyslogd.service not found.


and this answer 



# logger -s "hellow"

logger: socket /dev/log: No such file or directory

# sudo rsyslogd -N6 | head -10

sudo: unable to resolve host iZ26v45oj3yjtmZ

rsyslogd: version 8.16.0, config validation run (level 6), master config /etc/rsyslog.conf

rsyslogd: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a RainerScript command (v6+ config)? [v8.16.0 try http://www.rsyslog.com/e/2222 ]



# ls /dev/log

ls: cannot access '/dev/log': No such file or directory


And checked syslogd is running



#lsof -f -p 5379

syslogd 5379 root   16w   REG              253,1        0    1844521 /var/log/news/news.err

syslogd 5379 root   17w   REG              253,1        0    1844536 /var/log/news/news.notice

syslogd 5379 root   18w   REG              253,1     3282    1580873 /var/log/debug.1 (deleted)

syslogd 5379 root   19w   REG              253,1   110492    1580898 /var/log/messages.1 (deleted)

syslogd 5379 root   20u  FIFO                0,6      0t0        423 /dev/xconsole

syslogd 5379 root   21u  unix 0xffff880138be9400      0t0     212524 /dev/log type=DGRAM


The /etc/rsyslog.conf file



#################

#### MODULES ####

#################



module(load="imuxsock") # provides support for local system logging

module(load="imklog")   # provides kernel logging support

#module(load="immark")  # provides --MARK-- message capability



# provides UDP syslog reception

#module(load="imudp")

#input(type="imudp" port="514")



# provides TCP syslog reception

#module(load="imtcp")

#input(type="imtcp" port="514")

# Enable non-kernel facility klog messages

$KLogPermitNonKernelFacility on



###########################

#### GLOBAL DIRECTIVES ####

###########################



#

# Use traditional timestamp format.

# To enable high precision timestamps, comment out the following line.

#

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat



# Filter duplicated messages

$RepeatedMsgReduction on

#

# Set the default permissions for all log files.

#

$FileOwner syslog

$FileGroup adm

$FileCreateMode 0640

$DirCreateMode 0755

$Umask 0022

$PrivDropToUser syslog

$PrivDropToGroup syslog



#

# Where to place spool and state files

#

$WorkDirectory /var/spool/rsyslog



#

# Include all config files in /etc/rsyslog.d/

#

$IncludeConfig /etc/rsyslog.d/*.conf


The /etc/syslog.conf file



#  /etc/syslog.conf     Configuration file for inetutils-syslogd.

#

#                       For more information see syslog.conf(5) manpage.



#

# First some standard logfiles.  Log by facility.

#



auth,authpriv.*                 /var/log/auth.log

*.*;auth,authpriv.none          -/var/log/syslog

#cron.*                         /var/log/cron.log

daemon.*                        -/var/log/daemon.log

kern.*                          -/var/log/kern.log

lpr.*                           -/var/log/lpr.log

mail.*                          -/var/log/mail.log

user.*                          -/var/log/user.log

uucp.*                          /var/log/uucp.log



#

# Logging for the mail system.  Split it up so that

# it is easy to write scripts to parse these files.

#

mail.info                       -/var/log/mail.info

mail.warn                       -/var/log/mail.warn

mail.err                        /var/log/mail.err



# Logging for INN news system

#

news.crit                       /var/log/news/news.crit

news.err                        /var/log/news/news.err

news.notice                     -/var/log/news/news.notice



#

# Some `catch-all' logfiles.

#

*.=debug;

        auth,authpriv.none;

        news.none;mail.none     -/var/log/debug

*.=info;*.=notice;*.=warn;

        auth,authpriv.none;

        cron,daemon.none;

        mail,news.none          -/var/log/messages



#

# Emergencies are sent to everybody logged in.

#

*.emerg                         *



#

# I like to have messages displayed on the console, but only on a virtual

# console I usually leave idle.

#

#daemon,mail.*;

#       news.=crit;news.=err;news.=notice;

#       *.=debug;*.=info;

#       *.=notice;*.=warn       /dev/tty8



# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,

# you must invoke `xconsole' with the `-file' option:

#

#    $ xconsole -file /dev/xconsole [...]

#

# NOTE: adjust the list below, or you'll go crazy if you have a reasonably

#      busy site..

#

daemon.*;mail.*;

        news.crit;news.err;news.notice;

        *.=debug;*.=info;

        *.=notice;*.=warn       |/dev/xconsole


Problems here are:
1.




Failed to start rsyslogd.service




2.




ls: cannot access '/dev/log': No such file or directory






  1. ls -l /var/log most log file's size is 0






syslog rsyslog







share|improve this question
















Was trying to enable log for chroot users
May have done sth. wrong ,find ls -l in /var/log most log files size stay 0.
Try to fix it followed this answer 



# systemctl restart systemd-journald.socket

# systemctl start rsyslogd

Failed to start rsyslogd.service: Unit rsyslogd.service not found.


and this answer 



# logger -s "hellow"

logger: socket /dev/log: No such file or directory

# sudo rsyslogd -N6 | head -10

sudo: unable to resolve host iZ26v45oj3yjtmZ

rsyslogd: version 8.16.0, config validation run (level 6), master config /etc/rsyslog.conf

rsyslogd: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a RainerScript command (v6+ config)? [v8.16.0 try http://www.rsyslog.com/e/2222 ]



# ls /dev/log

ls: cannot access '/dev/log': No such file or directory


And checked syslogd is running



#lsof -f -p 5379

syslogd 5379 root   16w   REG              253,1        0    1844521 /var/log/news/news.err

syslogd 5379 root   17w   REG              253,1        0    1844536 /var/log/news/news.notice

syslogd 5379 root   18w   REG              253,1     3282    1580873 /var/log/debug.1 (deleted)

syslogd 5379 root   19w   REG              253,1   110492    1580898 /var/log/messages.1 (deleted)

syslogd 5379 root   20u  FIFO                0,6      0t0        423 /dev/xconsole

syslogd 5379 root   21u  unix 0xffff880138be9400      0t0     212524 /dev/log type=DGRAM


The /etc/rsyslog.conf file



#################

#### MODULES ####

#################



module(load="imuxsock") # provides support for local system logging

module(load="imklog")   # provides kernel logging support

#module(load="immark")  # provides --MARK-- message capability



# provides UDP syslog reception

#module(load="imudp")

#input(type="imudp" port="514")



# provides TCP syslog reception

#module(load="imtcp")

#input(type="imtcp" port="514")

# Enable non-kernel facility klog messages

$KLogPermitNonKernelFacility on



###########################

#### GLOBAL DIRECTIVES ####

###########################



#

# Use traditional timestamp format.

# To enable high precision timestamps, comment out the following line.

#

$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat



# Filter duplicated messages

$RepeatedMsgReduction on

#

# Set the default permissions for all log files.

#

$FileOwner syslog

$FileGroup adm

$FileCreateMode 0640

$DirCreateMode 0755

$Umask 0022

$PrivDropToUser syslog

$PrivDropToGroup syslog



#

# Where to place spool and state files

#

$WorkDirectory /var/spool/rsyslog



#

# Include all config files in /etc/rsyslog.d/

#

$IncludeConfig /etc/rsyslog.d/*.conf


The /etc/syslog.conf file



#  /etc/syslog.conf     Configuration file for inetutils-syslogd.

#

#                       For more information see syslog.conf(5) manpage.



#

# First some standard logfiles.  Log by facility.

#



auth,authpriv.*                 /var/log/auth.log

*.*;auth,authpriv.none          -/var/log/syslog

#cron.*                         /var/log/cron.log

daemon.*                        -/var/log/daemon.log

kern.*                          -/var/log/kern.log

lpr.*                           -/var/log/lpr.log

mail.*                          -/var/log/mail.log

user.*                          -/var/log/user.log

uucp.*                          /var/log/uucp.log



#

# Logging for the mail system.  Split it up so that

# it is easy to write scripts to parse these files.

#

mail.info                       -/var/log/mail.info

mail.warn                       -/var/log/mail.warn

mail.err                        /var/log/mail.err



# Logging for INN news system

#

news.crit                       /var/log/news/news.crit

news.err                        /var/log/news/news.err

news.notice                     -/var/log/news/news.notice



#

# Some `catch-all' logfiles.

#

*.=debug;

        auth,authpriv.none;

        news.none;mail.none     -/var/log/debug

*.=info;*.=notice;*.=warn;

        auth,authpriv.none;

        cron,daemon.none;

        mail,news.none          -/var/log/messages



#

# Emergencies are sent to everybody logged in.

#

*.emerg                         *



#

# I like to have messages displayed on the console, but only on a virtual

# console I usually leave idle.

#

#daemon,mail.*;

#       news.=crit;news.=err;news.=notice;

#       *.=debug;*.=info;

#       *.=notice;*.=warn       /dev/tty8



# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,

# you must invoke `xconsole' with the `-file' option:

#

#    $ xconsole -file /dev/xconsole [...]

#

# NOTE: adjust the list below, or you'll go crazy if you have a reasonably

#      busy site..

#

daemon.*;mail.*;

        news.crit;news.err;news.notice;

        *.=debug;*.=info;

        *.=notice;*.=warn       |/dev/xconsole


Problems here are:
1.




Failed to start rsyslogd.service




2.




ls: cannot access '/dev/log': No such file or directory






  1. ls -l /var/log most log file's size is 0






syslog rsyslog




syslog rsyslog






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jul 28 '17 at 8:31







Shihe Zhang

















asked Jul 28 '17 at 7:22









Shihe ZhangShihe Zhang

1015




1015













  • stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

    – Luv33preet
    Jul 28 '17 at 7:45













  • the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

    – Shihe Zhang
    Jul 28 '17 at 7:57











  • no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

    – Luv33preet
    Jul 28 '17 at 8:06











  • Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

    – Shihe Zhang
    Jul 28 '17 at 8:34



















  • stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

    – Luv33preet
    Jul 28 '17 at 7:45













  • the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

    – Shihe Zhang
    Jul 28 '17 at 7:57











  • no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

    – Luv33preet
    Jul 28 '17 at 8:06











  • Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

    – Shihe Zhang
    Jul 28 '17 at 8:34

















stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

– Luv33preet
Jul 28 '17 at 7:45







stop rsyslog service and run sudo rsyslogd -dn. See what does it say ? Also, have you made any file in /etc/rsyslog.d ?

– Luv33preet
Jul 28 '17 at 7:45















the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

– Shihe Zhang
Jul 28 '17 at 7:57





the output of sudo rsyslogd -dn is too much ,I put it on the main post.# ls /etc/rsyslog.d shows 20-ufw.conf 50-default.conf

– Shihe Zhang
Jul 28 '17 at 7:57













no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

– Luv33preet
Jul 28 '17 at 8:06





no dont post the output, it will give every single line. Just see what they say here. If you find anything helpful, post that thing. Or I would suggest you to open an issue in rsyslog github repo, github.com/rsyslog/rsyslog/issues/new

– Luv33preet
Jul 28 '17 at 8:06













Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

– Shihe Zhang
Jul 28 '17 at 8:34





Thank you @Luv33preet I remove the output,how ever the output is too long to read.Which part or keyword should be care?

– Shihe Zhang
Jul 28 '17 at 8:34










1 Answer
1






active

oldest

votes


















0














You cannot log inside a chroot because you need a /dev/log relative to the root of your chroot. (this is a known "feature").



Back in rsyslog, you add the a similar configuration to this one:



/etc/rsyslogd.conf

$AddUnixListenSocket /chroots/user1/dev/log


And restart rsyslog (outside the chroot)



See How to log internal-sftp chroot jailed users






share|improve this answer
























  • ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

    – Shihe Zhang
    Jul 28 '17 at 8:27











  • Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

    – Shihe Zhang
    Jul 28 '17 at 9:21












Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f382312%2fsystem-log-stop-logging%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














You cannot log inside a chroot because you need a /dev/log relative to the root of your chroot. (this is a known "feature").



Back in rsyslog, you add the a similar configuration to this one:



/etc/rsyslogd.conf

$AddUnixListenSocket /chroots/user1/dev/log


And restart rsyslog (outside the chroot)



See How to log internal-sftp chroot jailed users






share|improve this answer
























  • ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

    – Shihe Zhang
    Jul 28 '17 at 8:27











  • Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

    – Shihe Zhang
    Jul 28 '17 at 9:21
















0














You cannot log inside a chroot because you need a /dev/log relative to the root of your chroot. (this is a known "feature").



Back in rsyslog, you add the a similar configuration to this one:



/etc/rsyslogd.conf

$AddUnixListenSocket /chroots/user1/dev/log


And restart rsyslog (outside the chroot)



See How to log internal-sftp chroot jailed users






share|improve this answer
























  • ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

    – Shihe Zhang
    Jul 28 '17 at 8:27











  • Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

    – Shihe Zhang
    Jul 28 '17 at 9:21














0












0








0







You cannot log inside a chroot because you need a /dev/log relative to the root of your chroot. (this is a known "feature").



Back in rsyslog, you add the a similar configuration to this one:



/etc/rsyslogd.conf

$AddUnixListenSocket /chroots/user1/dev/log


And restart rsyslog (outside the chroot)



See How to log internal-sftp chroot jailed users






share|improve this answer













You cannot log inside a chroot because you need a /dev/log relative to the root of your chroot. (this is a known "feature").



Back in rsyslog, you add the a similar configuration to this one:



/etc/rsyslogd.conf

$AddUnixListenSocket /chroots/user1/dev/log


And restart rsyslog (outside the chroot)



See How to log internal-sftp chroot jailed users







share|improve this answer












share|improve this answer



share|improve this answer










answered Jul 28 '17 at 8:16









Rui F RibeiroRui F Ribeiro

41.8k1483142




41.8k1483142













  • ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

    – Shihe Zhang
    Jul 28 '17 at 8:27











  • Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

    – Shihe Zhang
    Jul 28 '17 at 9:21



















  • ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

    – Shihe Zhang
    Jul 28 '17 at 8:27











  • Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

    – Shihe Zhang
    Jul 28 '17 at 9:21

















ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

– Shihe Zhang
Jul 28 '17 at 8:27





ls /etc/rsyslogd.conf ls: cannot access '/etc/rsyslogd.conf': No such file or directory So I changed rsyslog.conf and restart rsyslog,but logger -s "Hello w" still complains logger: socket /dev/log: No such file or directory

– Shihe Zhang
Jul 28 '17 at 8:27













Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

– Shihe Zhang
Jul 28 '17 at 9:21





Ubuntu 16.04 64bit.How to recover it?Guess the /chroot/dev/log was wrong made but romove the /dev/log by mistake.

– Shihe Zhang
Jul 28 '17 at 9:21


















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f382312%2fsystem-log-stop-logging%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to make a Squid Proxy server?

Image
1 I want to set up squid proxy server for monitoring user activity in a network and Internet Web URL filtering for user. I also want to configure the user login, user log, user access group, and block unwanted web sites in my network. Please help me and guide me the full process to do this. server proxy squid share | improve this question edited Jul 31 '12 at 14:45 Jorge Castro 37.1k 107 422 617 asked Jul 31 '12 at 5:16 Goivind Tiwari Goivind Tiwari ...
Read more

第一次世界大戦

Image
この項目「 第一次世界大戦 」は翻訳されたばかりのものです。不自然あるいは曖昧な表現などが含まれる可能性があり、このままでは読みづらいかもしれません。(原文:ドイツ語版&oldid=173272248、英語版&oldid=821659949) 修正、加筆に協力し、現在の表現をより原文に近づけて下さる方を求めています。ノートページや履歴も参照してください。 ( 2018年5月 ) 第一次世界大戦 (だいいちじせかいたいせん、英語: World War I 、略称: WWI )は、1914年7月28日から1918年11月11日にかけて、連合国対中央同盟国の戦闘により繰り広げられた世界大戦である。 第一次世界大戦 上段:西部戦線の戦場 中段左:ドイツ軍のアルバトロス D.III複葉機 中段右:イギリス軍のMk.IV戦車 下段左:ソンムの戦いでのヴィッカース重機関銃と英兵 下段右:ガリポリの戦いで沈む英国戦艦イレジスティブル 戦争 :第一次世界大戦 年月日 :1914年7月28日 - 1918年11月11日 場所 :ヨーロッパ、中東、アフリカ、中国、太平洋 結果 :連合国(協商国)の勝利 交戦勢力 連合国 フランス共和国 イギリス帝国 ロシア帝国 セルビア王国 モンテネグロ王国 ベルギー 大日本帝国 イタリア王国 ルーマニア王国 ポルトガル共和国 アメリカ合衆国 ギリシャ王国 中華民国(北京政府) 他多数 中央同盟国 ドイツ帝国 オーストリア=ハンガリー帝国 オスマン帝国 ブルガリア王国 ほか共同参戦国あり 指導者・指揮官 ジョルジュ・クレマンソー レイモン・ポアンカレ フェルディナン・フォッシュ ジョージ5世 ハーバート・ヘンリー・アスキス ホレイショ・ハーバート・キッチナー デビッド・ロイド・ジョージ ニコライ2世 ペータル1世 ニコラ1世 アルベール1世 大正天皇 大隈重信 寺内正毅 原敬 ヴィットーリオ・エマヌエーレ3世 ヴィットーリオ・オルランド フェルディナンド1世 ウッドロウ・ウィルソン アレクサンドロス1世 段祺瑞 他多数 (英語版) ヴィルヘルム2世 パウル・フォン・ヒン...
Read more

Touch on Surface Book

Image
0 How can I make touch work on my Surface Book? About my Surface Book: Model: Intel Core i7-6600 U @ 2.60 GHz with 8 GB Ram and Nvidia GPU OS: Ubuntu 17.04 Latest, kernel 4.10.0-13-generic System outputs on Ubuntu: ~$ xinput list ⎡ Virtual core pointer id=2 [master pointer (3)] ⎜ ↳ Virtual core XTEST pointer id=4 [slave pointer (2)] ⎜ ↳ USB OPTICAL MOUSE id=8 [slave pointer (2)] ⎜ ↳ Microsoft Surface Keyboard Consumer Control id=10 [slave pointer (2)] ⎜ ↳ Microsoft Surface Keyboard Touchpad id=11 [slave pointer (2)] ⎣ Virtual core keyboard id=3 [master keyboard (2)] ↳ Virtual core XTEST keyboard id=5 [slave keyboard (3)] ...
Read more