Re: /dev/urandom | logger "issue"

[M ixter <mixter () 2XS CO IL>]

On Mon, 28 Aug 2000, Sarel J. Botha wrote:

> I'm not 100% on how syslog works. Does a daemon write to /dev/log or to a
> unix socket to log?
Well, it writes to /dev/log, and /dev/log IS a unix file socket :>
New syslog packages, at least on Linux, don't accept remote syslog packets
over remote udp connections anymore, unless explicity instructed (-r) to
(since you need it to set up a loghost).

> If it only uses /dev/log then this problem can be easily fixed my system
> administrators on their own machines. Just create a log group, make the
> permissions on /dev/log 660 and add all daemons that are allowed to log to
> the log group.
What I actually found is that syslogd itself is to blame... true, you can
chown and chmod the unix file socket, but the unix socket goes away when
closed and is recreated by syslogd in mode 666. The solution is to add a
default syslog daemon group, and actually change syslog to chown the /dev/log
socket on creating and set it to the right privileges. (Or you could put
that in your init scripts which would be a messy approach at best :).

----------------------------------------------------------
 Mixter <mixter () 2xs co il>, 2xs LTD. http://www.2xs.co.il