syslog-ng startup failure when using /proc/kmsg [duplicate]
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
This question already has an answer here:
Cannot start syslog-ng when apparmor is running
1 answer
I have recently been updating syslog-ng
from 3.7.3
to 3.13.2
. After the upgrade, the daemon fails to start with this error message:
[2017-12-23T20:42:40.635915] Error checking the uniqueness of the persist names, please override it with persist-name option. Shutting down.; persist_name='affile_sd_curpos(/proc/kmsg)', location='/etc/syslog-ng/syslog-ng.conf:24:5'
For reference, line 24 of the config. See the whole file below.
file("/proc/kmsg");
I have been investigating this error for some time now, but the persist-name
option does not solve the problem. The intended use does not seem to be related to this issue.
The configuration file I'm using is the default from hardened gentoo.
@version: 3.13
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# https://bugs.gentoo.org/426814
@include "scl.conf"
#
# Syslog-ng configuration file, compatible with default hardened installations.
#
options
threaded(yes);
chain_hostnames(no);
stats_freq(43200);
;
source src
system();
internal();
;
source kernsrc
file("/proc/kmsg");
;
#source net udp(); ;
#log source(net); destination(net_logs); ;
#destination net_logs file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); ;
destination authlog file("/var/log/auth.log"); ;
destination _syslog file("/var/log/syslog"); ;
destination cron file("/var/log/cron.log"); ;
destination daemon file("/var/log/daemon.log"); ;
destination kern file("/var/log/kern.log"); ;
destination lpr file("/var/log/lpr.log"); ;
destination user file("/var/log/user.log"); ;
destination uucp file("/var/log/uucp.log"); ;
#destination ppp file("/var/log/ppp.log"); ;
destination mail file("/var/log/mail.log"); ;
destination avc file("/var/log/avc.log"); ;
destination audit file("/var/log/audit.log"); ;
destination pax file("/var/log/pax.log"); ;
destination grsec file("/var/log/grsec.log"); ;
destination mailinfo file("/var/log/mail.info"); ;
destination mailwarn file("/var/log/mail.warn"); ;
destination mailerr file("/var/log/mail.err"); ;
destination newscrit file("/var/log/news/news.crit"); ;
destination newserr file("/var/log/news/news.err"); ;
destination newsnotice file("/var/log/news/news.notice"); ;
destination debug file("/var/log/debug"); ;
destination messages file("/var/log/messages"); ;
destination console usertty("root"); ;
destination console_all file("/dev/tty12"); ;
#destination loghost udp("loghost" port(999)); ;
destination xconsole pipe("/dev/xconsole"); ;
filter f_auth facility(auth); ;
filter f_authpriv facility(auth, authpriv); ;
filter f_syslog not facility(authpriv, mail); ;
filter f_cron facility(cron); ;
filter f_daemon facility(daemon); ;
filter f_kern facility(kern); ;
filter f_lpr facility(lpr); ;
filter f_mail facility(mail); ;
filter f_user facility(user); ;
filter f_uucp facility(uucp); ;
#filter f_ppp facility(ppp); ;
filter f_news facility(news); ;
filter f_debug not facility(auth, authpriv, news, mail); ;
filter f_messages level(info..warn)
and not facility(auth, authpriv, mail, news); ;
filter f_emergency level(emerg); ;
filter f_info level(info); ;
filter f_notice level(notice); ;
filter f_warn level(warn); ;
filter f_crit level(crit); ;
filter f_err level(err); ;
filter f_avc message(".*avc: .*"); ;
filter f_audit )audit.*") and not message(".*avc: .*"); ;
filter f_pax )PAX:.*"); ;
filter f_grsec message("^(\[.*..*] ;
log source(src); filter(f_authpriv); destination(authlog); ;
log source(src); filter(f_syslog); destination(_syslog); ;
log source(src); filter(f_cron); destination(cron); ;
log source(src); filter(f_daemon); destination(daemon); ;
log source(kernsrc); filter(f_kern); destination(kern); destination(console_all); ;
log source(src); filter(f_lpr); destination(lpr); ;
log source(src); filter(f_mail); destination(mail); ;
log source(src); filter(f_user); destination(user); ;
log source(src); filter(f_uucp); destination(uucp); ;
log source(kernsrc); filter(f_pax); destination(pax); ;
log source(kernsrc); filter(f_grsec); destination(grsec); ;
log source(kernsrc); filter(f_audit); destination(audit); ;
log source(kernsrc); filter(f_avc); destination(avc); ;
log source(src); filter(f_mail); filter(f_info); destination(mailinfo); ;
log source(src); filter(f_mail); filter(f_warn); destination(mailwarn); ;
log source(src); filter(f_mail); filter(f_err); destination(mailerr); ;
log source(src); filter(f_news); filter(f_crit); destination(newscrit); ;
log source(src); filter(f_news); filter(f_err); destination(newserr); ;
log source(src); filter(f_news); filter(f_notice); destination(newsnotice); ;
log source(src); filter(f_debug); destination(debug); ;
log source(src); filter(f_messages); destination(messages); ;
log source(src); filter(f_emergency); destination(console); ;
#log source(src); filter(f_ppp); destination(ppp); ;
log source(src); destination(console_all); ;
linux syslog-ng
marked as duplicate by Michael Mrozek⦠Dec 24 '17 at 16:06
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |Â
up vote
0
down vote
favorite
This question already has an answer here:
Cannot start syslog-ng when apparmor is running
1 answer
I have recently been updating syslog-ng
from 3.7.3
to 3.13.2
. After the upgrade, the daemon fails to start with this error message:
[2017-12-23T20:42:40.635915] Error checking the uniqueness of the persist names, please override it with persist-name option. Shutting down.; persist_name='affile_sd_curpos(/proc/kmsg)', location='/etc/syslog-ng/syslog-ng.conf:24:5'
For reference, line 24 of the config. See the whole file below.
file("/proc/kmsg");
I have been investigating this error for some time now, but the persist-name
option does not solve the problem. The intended use does not seem to be related to this issue.
The configuration file I'm using is the default from hardened gentoo.
@version: 3.13
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# https://bugs.gentoo.org/426814
@include "scl.conf"
#
# Syslog-ng configuration file, compatible with default hardened installations.
#
options
threaded(yes);
chain_hostnames(no);
stats_freq(43200);
;
source src
system();
internal();
;
source kernsrc
file("/proc/kmsg");
;
#source net udp(); ;
#log source(net); destination(net_logs); ;
#destination net_logs file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); ;
destination authlog file("/var/log/auth.log"); ;
destination _syslog file("/var/log/syslog"); ;
destination cron file("/var/log/cron.log"); ;
destination daemon file("/var/log/daemon.log"); ;
destination kern file("/var/log/kern.log"); ;
destination lpr file("/var/log/lpr.log"); ;
destination user file("/var/log/user.log"); ;
destination uucp file("/var/log/uucp.log"); ;
#destination ppp file("/var/log/ppp.log"); ;
destination mail file("/var/log/mail.log"); ;
destination avc file("/var/log/avc.log"); ;
destination audit file("/var/log/audit.log"); ;
destination pax file("/var/log/pax.log"); ;
destination grsec file("/var/log/grsec.log"); ;
destination mailinfo file("/var/log/mail.info"); ;
destination mailwarn file("/var/log/mail.warn"); ;
destination mailerr file("/var/log/mail.err"); ;
destination newscrit file("/var/log/news/news.crit"); ;
destination newserr file("/var/log/news/news.err"); ;
destination newsnotice file("/var/log/news/news.notice"); ;
destination debug file("/var/log/debug"); ;
destination messages file("/var/log/messages"); ;
destination console usertty("root"); ;
destination console_all file("/dev/tty12"); ;
#destination loghost udp("loghost" port(999)); ;
destination xconsole pipe("/dev/xconsole"); ;
filter f_auth facility(auth); ;
filter f_authpriv facility(auth, authpriv); ;
filter f_syslog not facility(authpriv, mail); ;
filter f_cron facility(cron); ;
filter f_daemon facility(daemon); ;
filter f_kern facility(kern); ;
filter f_lpr facility(lpr); ;
filter f_mail facility(mail); ;
filter f_user facility(user); ;
filter f_uucp facility(uucp); ;
#filter f_ppp facility(ppp); ;
filter f_news facility(news); ;
filter f_debug not facility(auth, authpriv, news, mail); ;
filter f_messages level(info..warn)
and not facility(auth, authpriv, mail, news); ;
filter f_emergency level(emerg); ;
filter f_info level(info); ;
filter f_notice level(notice); ;
filter f_warn level(warn); ;
filter f_crit level(crit); ;
filter f_err level(err); ;
filter f_avc message(".*avc: .*"); ;
filter f_audit )audit.*") and not message(".*avc: .*"); ;
filter f_pax )PAX:.*"); ;
filter f_grsec message("^(\[.*..*] ;
log source(src); filter(f_authpriv); destination(authlog); ;
log source(src); filter(f_syslog); destination(_syslog); ;
log source(src); filter(f_cron); destination(cron); ;
log source(src); filter(f_daemon); destination(daemon); ;
log source(kernsrc); filter(f_kern); destination(kern); destination(console_all); ;
log source(src); filter(f_lpr); destination(lpr); ;
log source(src); filter(f_mail); destination(mail); ;
log source(src); filter(f_user); destination(user); ;
log source(src); filter(f_uucp); destination(uucp); ;
log source(kernsrc); filter(f_pax); destination(pax); ;
log source(kernsrc); filter(f_grsec); destination(grsec); ;
log source(kernsrc); filter(f_audit); destination(audit); ;
log source(kernsrc); filter(f_avc); destination(avc); ;
log source(src); filter(f_mail); filter(f_info); destination(mailinfo); ;
log source(src); filter(f_mail); filter(f_warn); destination(mailwarn); ;
log source(src); filter(f_mail); filter(f_err); destination(mailerr); ;
log source(src); filter(f_news); filter(f_crit); destination(newscrit); ;
log source(src); filter(f_news); filter(f_err); destination(newserr); ;
log source(src); filter(f_news); filter(f_notice); destination(newsnotice); ;
log source(src); filter(f_debug); destination(debug); ;
log source(src); filter(f_messages); destination(messages); ;
log source(src); filter(f_emergency); destination(console); ;
#log source(src); filter(f_ppp); destination(ppp); ;
log source(src); destination(console_all); ;
linux syslog-ng
marked as duplicate by Michael Mrozek⦠Dec 24 '17 at 16:06
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
This question already has an answer here:
Cannot start syslog-ng when apparmor is running
1 answer
I have recently been updating syslog-ng
from 3.7.3
to 3.13.2
. After the upgrade, the daemon fails to start with this error message:
[2017-12-23T20:42:40.635915] Error checking the uniqueness of the persist names, please override it with persist-name option. Shutting down.; persist_name='affile_sd_curpos(/proc/kmsg)', location='/etc/syslog-ng/syslog-ng.conf:24:5'
For reference, line 24 of the config. See the whole file below.
file("/proc/kmsg");
I have been investigating this error for some time now, but the persist-name
option does not solve the problem. The intended use does not seem to be related to this issue.
The configuration file I'm using is the default from hardened gentoo.
@version: 3.13
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# https://bugs.gentoo.org/426814
@include "scl.conf"
#
# Syslog-ng configuration file, compatible with default hardened installations.
#
options
threaded(yes);
chain_hostnames(no);
stats_freq(43200);
;
source src
system();
internal();
;
source kernsrc
file("/proc/kmsg");
;
#source net udp(); ;
#log source(net); destination(net_logs); ;
#destination net_logs file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); ;
destination authlog file("/var/log/auth.log"); ;
destination _syslog file("/var/log/syslog"); ;
destination cron file("/var/log/cron.log"); ;
destination daemon file("/var/log/daemon.log"); ;
destination kern file("/var/log/kern.log"); ;
destination lpr file("/var/log/lpr.log"); ;
destination user file("/var/log/user.log"); ;
destination uucp file("/var/log/uucp.log"); ;
#destination ppp file("/var/log/ppp.log"); ;
destination mail file("/var/log/mail.log"); ;
destination avc file("/var/log/avc.log"); ;
destination audit file("/var/log/audit.log"); ;
destination pax file("/var/log/pax.log"); ;
destination grsec file("/var/log/grsec.log"); ;
destination mailinfo file("/var/log/mail.info"); ;
destination mailwarn file("/var/log/mail.warn"); ;
destination mailerr file("/var/log/mail.err"); ;
destination newscrit file("/var/log/news/news.crit"); ;
destination newserr file("/var/log/news/news.err"); ;
destination newsnotice file("/var/log/news/news.notice"); ;
destination debug file("/var/log/debug"); ;
destination messages file("/var/log/messages"); ;
destination console usertty("root"); ;
destination console_all file("/dev/tty12"); ;
#destination loghost udp("loghost" port(999)); ;
destination xconsole pipe("/dev/xconsole"); ;
filter f_auth facility(auth); ;
filter f_authpriv facility(auth, authpriv); ;
filter f_syslog not facility(authpriv, mail); ;
filter f_cron facility(cron); ;
filter f_daemon facility(daemon); ;
filter f_kern facility(kern); ;
filter f_lpr facility(lpr); ;
filter f_mail facility(mail); ;
filter f_user facility(user); ;
filter f_uucp facility(uucp); ;
#filter f_ppp facility(ppp); ;
filter f_news facility(news); ;
filter f_debug not facility(auth, authpriv, news, mail); ;
filter f_messages level(info..warn)
and not facility(auth, authpriv, mail, news); ;
filter f_emergency level(emerg); ;
filter f_info level(info); ;
filter f_notice level(notice); ;
filter f_warn level(warn); ;
filter f_crit level(crit); ;
filter f_err level(err); ;
filter f_avc message(".*avc: .*"); ;
filter f_audit )audit.*") and not message(".*avc: .*"); ;
filter f_pax )PAX:.*"); ;
filter f_grsec message("^(\[.*..*] ;
log source(src); filter(f_authpriv); destination(authlog); ;
log source(src); filter(f_syslog); destination(_syslog); ;
log source(src); filter(f_cron); destination(cron); ;
log source(src); filter(f_daemon); destination(daemon); ;
log source(kernsrc); filter(f_kern); destination(kern); destination(console_all); ;
log source(src); filter(f_lpr); destination(lpr); ;
log source(src); filter(f_mail); destination(mail); ;
log source(src); filter(f_user); destination(user); ;
log source(src); filter(f_uucp); destination(uucp); ;
log source(kernsrc); filter(f_pax); destination(pax); ;
log source(kernsrc); filter(f_grsec); destination(grsec); ;
log source(kernsrc); filter(f_audit); destination(audit); ;
log source(kernsrc); filter(f_avc); destination(avc); ;
log source(src); filter(f_mail); filter(f_info); destination(mailinfo); ;
log source(src); filter(f_mail); filter(f_warn); destination(mailwarn); ;
log source(src); filter(f_mail); filter(f_err); destination(mailerr); ;
log source(src); filter(f_news); filter(f_crit); destination(newscrit); ;
log source(src); filter(f_news); filter(f_err); destination(newserr); ;
log source(src); filter(f_news); filter(f_notice); destination(newsnotice); ;
log source(src); filter(f_debug); destination(debug); ;
log source(src); filter(f_messages); destination(messages); ;
log source(src); filter(f_emergency); destination(console); ;
#log source(src); filter(f_ppp); destination(ppp); ;
log source(src); destination(console_all); ;
linux syslog-ng
This question already has an answer here:
Cannot start syslog-ng when apparmor is running
1 answer
I have recently been updating syslog-ng
from 3.7.3
to 3.13.2
. After the upgrade, the daemon fails to start with this error message:
[2017-12-23T20:42:40.635915] Error checking the uniqueness of the persist names, please override it with persist-name option. Shutting down.; persist_name='affile_sd_curpos(/proc/kmsg)', location='/etc/syslog-ng/syslog-ng.conf:24:5'
For reference, line 24 of the config. See the whole file below.
file("/proc/kmsg");
I have been investigating this error for some time now, but the persist-name
option does not solve the problem. The intended use does not seem to be related to this issue.
The configuration file I'm using is the default from hardened gentoo.
@version: 3.13
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# https://bugs.gentoo.org/426814
@include "scl.conf"
#
# Syslog-ng configuration file, compatible with default hardened installations.
#
options
threaded(yes);
chain_hostnames(no);
stats_freq(43200);
;
source src
system();
internal();
;
source kernsrc
file("/proc/kmsg");
;
#source net udp(); ;
#log source(net); destination(net_logs); ;
#destination net_logs file("/var/log/HOSTS/$HOST/$YEAR$MONTH$DAY.log"); ;
destination authlog file("/var/log/auth.log"); ;
destination _syslog file("/var/log/syslog"); ;
destination cron file("/var/log/cron.log"); ;
destination daemon file("/var/log/daemon.log"); ;
destination kern file("/var/log/kern.log"); ;
destination lpr file("/var/log/lpr.log"); ;
destination user file("/var/log/user.log"); ;
destination uucp file("/var/log/uucp.log"); ;
#destination ppp file("/var/log/ppp.log"); ;
destination mail file("/var/log/mail.log"); ;
destination avc file("/var/log/avc.log"); ;
destination audit file("/var/log/audit.log"); ;
destination pax file("/var/log/pax.log"); ;
destination grsec file("/var/log/grsec.log"); ;
destination mailinfo file("/var/log/mail.info"); ;
destination mailwarn file("/var/log/mail.warn"); ;
destination mailerr file("/var/log/mail.err"); ;
destination newscrit file("/var/log/news/news.crit"); ;
destination newserr file("/var/log/news/news.err"); ;
destination newsnotice file("/var/log/news/news.notice"); ;
destination debug file("/var/log/debug"); ;
destination messages file("/var/log/messages"); ;
destination console usertty("root"); ;
destination console_all file("/dev/tty12"); ;
#destination loghost udp("loghost" port(999)); ;
destination xconsole pipe("/dev/xconsole"); ;
filter f_auth facility(auth); ;
filter f_authpriv facility(auth, authpriv); ;
filter f_syslog not facility(authpriv, mail); ;
filter f_cron facility(cron); ;
filter f_daemon facility(daemon); ;
filter f_kern facility(kern); ;
filter f_lpr facility(lpr); ;
filter f_mail facility(mail); ;
filter f_user facility(user); ;
filter f_uucp facility(uucp); ;
#filter f_ppp facility(ppp); ;
filter f_news facility(news); ;
filter f_debug not facility(auth, authpriv, news, mail); ;
filter f_messages level(info..warn)
and not facility(auth, authpriv, mail, news); ;
filter f_emergency level(emerg); ;
filter f_info level(info); ;
filter f_notice level(notice); ;
filter f_warn level(warn); ;
filter f_crit level(crit); ;
filter f_err level(err); ;
filter f_avc message(".*avc: .*"); ;
filter f_audit )audit.*") and not message(".*avc: .*"); ;
filter f_pax )PAX:.*"); ;
filter f_grsec message("^(\[.*..*] ;
log source(src); filter(f_authpriv); destination(authlog); ;
log source(src); filter(f_syslog); destination(_syslog); ;
log source(src); filter(f_cron); destination(cron); ;
log source(src); filter(f_daemon); destination(daemon); ;
log source(kernsrc); filter(f_kern); destination(kern); destination(console_all); ;
log source(src); filter(f_lpr); destination(lpr); ;
log source(src); filter(f_mail); destination(mail); ;
log source(src); filter(f_user); destination(user); ;
log source(src); filter(f_uucp); destination(uucp); ;
log source(kernsrc); filter(f_pax); destination(pax); ;
log source(kernsrc); filter(f_grsec); destination(grsec); ;
log source(kernsrc); filter(f_audit); destination(audit); ;
log source(kernsrc); filter(f_avc); destination(avc); ;
log source(src); filter(f_mail); filter(f_info); destination(mailinfo); ;
log source(src); filter(f_mail); filter(f_warn); destination(mailwarn); ;
log source(src); filter(f_mail); filter(f_err); destination(mailerr); ;
log source(src); filter(f_news); filter(f_crit); destination(newscrit); ;
log source(src); filter(f_news); filter(f_err); destination(newserr); ;
log source(src); filter(f_news); filter(f_notice); destination(newsnotice); ;
log source(src); filter(f_debug); destination(debug); ;
log source(src); filter(f_messages); destination(messages); ;
log source(src); filter(f_emergency); destination(console); ;
#log source(src); filter(f_ppp); destination(ppp); ;
log source(src); destination(console_all); ;
This question already has an answer here:
Cannot start syslog-ng when apparmor is running
1 answer
linux syslog-ng
asked Dec 23 '17 at 19:53
nyronium
1665
1665
marked as duplicate by Michael Mrozek⦠Dec 24 '17 at 16:06
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by Michael Mrozek⦠Dec 24 '17 at 16:06
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
0
down vote
The problem is not created by syslog-ng
but by an apparmor profile. The profile prevents reading /dev/kmsg
, which is needed even when using /proc/kmsg
(which is whitelisted).
To see a full explanation and bug-report, check the answer I have written under a more specific question regarding this bug here.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
The problem is not created by syslog-ng
but by an apparmor profile. The profile prevents reading /dev/kmsg
, which is needed even when using /proc/kmsg
(which is whitelisted).
To see a full explanation and bug-report, check the answer I have written under a more specific question regarding this bug here.
add a comment |Â
up vote
0
down vote
The problem is not created by syslog-ng
but by an apparmor profile. The profile prevents reading /dev/kmsg
, which is needed even when using /proc/kmsg
(which is whitelisted).
To see a full explanation and bug-report, check the answer I have written under a more specific question regarding this bug here.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
The problem is not created by syslog-ng
but by an apparmor profile. The profile prevents reading /dev/kmsg
, which is needed even when using /proc/kmsg
(which is whitelisted).
To see a full explanation and bug-report, check the answer I have written under a more specific question regarding this bug here.
The problem is not created by syslog-ng
but by an apparmor profile. The profile prevents reading /dev/kmsg
, which is needed even when using /proc/kmsg
(which is whitelisted).
To see a full explanation and bug-report, check the answer I have written under a more specific question regarding this bug here.
answered Dec 23 '17 at 21:04
nyronium
1665
1665
add a comment |Â
add a comment |Â