[systemd-devel] journald: listening on multiple syslog sockets

David Strauss david at davidstrauss.net
Sat Dec 1 20:29:42 PST 2012 

Why not just run rsyslog on whatever sockets you'd like and have it
all forward (using syslog protocol) to the journal socket?

On Sat, Dec 1, 2012 at 6:09 AM, Dmitry V. Levin <ldv at altlinux.org> wrote:
> Hi,
>
> On Sun, Nov 25, 2012 at 12:19:27AM +0100, Lennart Poettering wrote:
> [...]
>> Currently, journald cannot listen on multiple syslog sockets (though we
>> could certainly add that).
>>
>> A simple alternative could be to just make /var/lib/ldap/dev/log
>> symlinks? If you are using chroots and these paths hence cannot be
>> symlinks into the host, then it might be possible to create a new subdir
>> somewhere in /run or so, then copy /usr/lib/systemd/system/syslog.socket
>> to /etc/systemd/system/syslog.socket and change it there to point to a
>> socket in this new subdir. Then, bind mount this subdir into the various
>> chroot environment, and symlink /dev/log each time.
>>
>> Not pretty, but should work...
>
> The situation is even more complicated than that because various chrooted
> services have slightly different contents of their /dev/, some of them
> have nothing there but /dev/log, others also rely on availability of some
> relatively harmless devices like /dev/null, dev/zero and /dev/urandom.
> An appropriate directory structure for bind mounts would probably look
> something like this:
>
> /run/dev/
> /run/dev/socket/
> /run/dev/socket/log
> /run/dev/urandom/
> /run/dev/urandom/urandom
> /run/dev/urandom/socket/ => /run/dev/socket/
> /run/dev/urandom/log -> socket/log
> /dev/log -> /run/dev/socket/log
> /var/lib/bind/dev/ => /run/dev/socket/
> /var/spool/postfix/dev/ => /run/dev/socket/
> /var/lib/ldap/dev/ => /run/dev/urandom/
>
> Note all these bind mounts would have to be maintained properly, that is,
> mounted and unmounted in time and in proper order, thus making the whole
> scheme a bit more complicated than configuring journald to listen on
> multiple syslog sockets.
>
> The interface I implemented some 10 years ago for syslogd is
> /etc/syslog.d/ directory where each chrooted service has to create
> (package) a symlink to the address it wants to be listened by syslogd,
> like in this example:
>
> $ rpmquery -alv | grep ' -> .*/dev/log' | sort -k9
> lrwxrwxrwx 1 root root 21 Nov  7 08:17 /etc/syslog.d/bind -> /var/lib/bind/dev/log
> lrwxrwxrwx 1 root root 27 Nov 28 17:49 /etc/syslog.d/dhcpd -> /var/lib/dhcp/dhcpd/dev/log
> lrwxrwxrwx 1 root root 21 Sep 18 11:39 /etc/syslog.d/ldap -> /var/lib/ldap/dev/log
> lrwxrwxrwx 1 root root 20 Nov 26 12:47 /etc/syslog.d/nut -> /var/lib/nut/dev/log
> lrwxrwxrwx 1 root root 26 Nov 28 10:32 /etc/syslog.d/postfix -> /var/spool/postfix/dev/log
>
> The advantage of this configuration approach is that each chrooted service
> has a straightforward way of configuring /dev/log for its chroot without
> meddling in syslogd configuration with risk to interfere with other
> chrooted services.
>
>
> --
> ldv
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>



-- 
David Strauss
   | david at davidstrauss.net
   | +1 512 577 5827 [mobile]

More information about the systemd-devel mailing list