I'm stumped by this one. I've never paid much attention to syslogd and
it's operation.
I have three systems, one a v4.0d PK3, one v4.0e no PKs, and one V4.0e Pk1
The third system, with V4.0e, PK1 has the problem. Syslogd starts, then
exits, no information
gets written into the logs in the path /var/adm/syslog.dated.
I first noticed the lack of logging the other day when I noticed that the
last entry in the syslog.dated
directory was for the 12th of November, i.e., a directory named
12-Nov-10:26. All the log files in that directory were of length zero.
Several days had passed since the 12th, so I expected to see entries for
13-NoV, 14-Nov, 15-Nov, etc.
I checked the permissions on the crontab file for root, checked the
/etc/syslog.conf file, and all the other likely suspects I can think of.
I noticed the following oddity. In the root crontab on the system where
syslogd won't stay running, there are the following entries:
15 4 * * * find /var/preserve -mount -mtime +7 -type f -exec rm -f {} \;
20 4 * * * find /tmp -mount -type f -atime +2 -exec rm -f {} \;
30 4 * * * find /var/tmp -mount -type f -atime +7 -exec rm -f {} \;
40 4 * * * find /var/adm/syslog.dated -depth -type d -ctime +5 -exec rm -rf
{} \;
These are exactly the same as on the system with V4.0e and no PK where
syslogd works fine.
On my v4.0d system with PK3, the root crontab has the following entries:
15 4 * * * find /var/preserve ! -mount -mtime +7 -type f -exec rm -f {} \;
20 4 * * * find /tmp ! -mount -type f -atime +2 -exec rm -f {} \;
30 4 * * * find /var/tmp ! -mount -type f -atime +7 -exec rm -f {} \;
40 4 * * * find /var/adm/syslog.dated -depth -type d -ctime +5 -exec rm -rf
{} \;
And syslogd merrily logs away.
I'm not a "find guru" (nor any other sort), but in my ignorance I was
schocked to see an "!" .
Two other pieces of data:
1. Yesterday I changed permissions on the root crontab file just to see if
it made any difference. They were 400 owner root group system, and I
changed them to 444 root system. At the time when the /tmp directory would
have been examibed, 0420, root received a mail message reading:
Date: Fri, 19 Nov 1999 04:20:01 -0500 (EST)
From: system PRIVILEGED account <root_at_machine.comport.com>
find: /tmp/croutABBaaaraa : No such file or directory
*************************************************
Cron: The previous message is the standard output
and standard error of one of your cron commands.
Before I had changed the permissions on the root crontab, this sort of mail
was never received.
And the permission on root crontab were back to 400 root system.
2. The system has a new body. That is to say that the mother-board died,
and I just moved the "brain", the disk with /root, /usr, and /var to a new
box with a healthy motherboard on November 12th. I cannot say with any
assurance whether syslogd was working before the transplant. This system
is very under-used. It's our terst machine for LSM and Raid testing, so
nothing runs on it except when we want to test a new RAID set or LSM
config. There is no LSM running now.
I would appreciate any and all advice and will summarize.
Thanks and regards,
Bruce
+--------------------------------------+
Bruce B. Platt, Ph.D.
Comport Consulting Corporation
78 Orchard Street, Ramsey, NJ 07446
Phone: 201-236-0505 Fax: 201-236-1335
bbp_at_comport.com, bruce_at_ bruce.platt_at_
OR, bruce_at_bbplatt.com
Received on Fri Nov 19 1999 - 21:50:34 NZDT