openSUSE 10.1 x86_64 kde release 3.5.7 "release 56.1" SuSEfirewall2-3.4_SVNr142-5 yast2-firewall-2.13.7-9 2.6.18.8-396-default FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="yes" FW_LOG_LIMIT="no" FW_LOG="" After a kde* update three days ago, I expierenced and odd system snafu. My home partition displayed very-low/zero free space. Two X restarts (init 3 -> 5 -> 3 -> 5) with checking free space not solving the problem and being unable to locate a large new file (25gb home partition), I init'ed to level 1 where the partition did show properly, ~50% usage. Returning to runlevel 5, syslog-ng did not restart, discovered upon checking the morning after log reports. I manually restarted syslog-ng. Now all appears normal and good *except* there is no firewall logging. Restarting the firewall, rcSuSEfirewall2, made no difference. I have checked the parameters related to logging and all are default. Also changing for more verbose logging via yast2 makes no difference. QUESTION: Where/how do I get my firewall logging back? -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 07/16/2007 11:07 AM, Patrick Shanahan wrote:
<snip>
QUESTION: Where/how do I get my firewall logging back?
Please post the result of "cat /etc/syslog-ng/syslog-ng.conf" and "ls -l /var/log/firewall". -- Hypocrisy is the homage vice pays to virtue. -- François de La Rochefoucauld -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Darryl Gregorash
On 07/16/2007 11:07 AM, Patrick Shanahan wrote:
QUESTION: Where/how do I get my firewall logging back?
Please post the result of "cat /etc/syslog-ng/syslog-ng.conf" and "ls -l /var/log/firewall".
-rw-r----- 1 root root 1538079 2007-07-13 23:14 /var/log/firewall # Global options. options { long_hostnames(off); sync(0); perm(0640); stats(3600); }; source src { internal(); unix-dgram("/dev/log"); }; # Filter definitions filter f_iptables { facility(kern) and match("IN=") and match("OUT="); }; filter f_console { level(warn) and facility(kern) and not filter(f_iptables) or level(err) and not facility(authpriv); }; filter f_newsnotice { level(notice) and facility(news); }; filter f_newscrit { level(crit) and facility(news); }; filter f_newserr { level(err) and facility(news); }; filter f_news { facility(news); }; filter f_mailinfo { level(info) and facility(mail); }; filter f_mailwarn { level(warn) and facility(mail); }; filter f_mailerr { level(err, crit) and facility(mail); }; filter f_mail { facility(mail); }; filter f_cron { facility(cron); }; filter f_local { facility(local0, local1, local2, local3, local4, local5, local6, local7); }; filter f_acpid { level(emerg...notice) and match('^\acpid:'); }; filter f_acpid_old { match('^\[acpid\]:'); }; filter f_netmgm { match('^NetworkManager:'); }; filter f_messages { not facility(news, mail) and not filter(f_iptables); }; filter f_warn { level(warn, err, crit) and not filter(f_iptables); }; filter f_alert { level(alert); }; destination console { pipe("/dev/tty10" owner(-1) group(-1) perm(-1)); }; log { source(src); filter(f_console); destination(console); }; destination xconsole { pipe("/dev/xconsole" owner(-1) group(-1) perm(-1)); }; log { source(src); filter(f_console); destination(xconsole); }; destination newscrit { file("/var/log/news/news.crit" owner(news) group(news)); }; log { source(src); filter(f_newscrit); destination(newscrit); }; destination newserr { file("/var/log/news/news.err" owner(news) group(news)); }; log { source(src); filter(f_newserr); destination(newserr); }; destination newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); }; log { source(src); filter(f_newsnotice); destination(newsnotice); }; destination mailinfo { file("/var/log/mail.info"); }; log { source(src); filter(f_mailinfo); destination(mailinfo); }; destination mailwarn { file("/var/log/mail.warn"); }; log { source(src); filter(f_mailwarn); destination(mailwarn); }; destination mailerr { file("/var/log/mail.err" fsync(yes)); }; log { source(src); filter(f_mailerr); destination(mailerr); }; destination mail { file("/var/log/mail"); }; log { source(src); filter(f_mail); destination(mail); }; destination acpid { file("/var/log/acpid"); }; log { source(src); filter(f_acpid); destination(acpid); flags(final); }; log { source(src); filter(f_acpid_old); destination(acpid); flags(final); }; destination netmgm { file("/var/log/NetworkManager"); }; log { source(src); filter(f_netmgm); destination(netmgm); flags(final); }; destination localmessages { file("/var/log/localmessages"); }; log { source(src); filter(f_local); destination(localmessages); }; destination messages { file("/var/log/messages"); }; log { source(src); filter(f_messages); destination(messages); }; destination firewall { file("/var/log/firewall"); }; log { source(src); filter(f_iptables); destination(firewall); }; destination warn { file("/var/log/warn" fsync(yes)); }; log { source(src); filter(f_warn); destination(warn); }; -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 07/16/2007 01:12 PM, Patrick Shanahan wrote:
* Darryl Gregorash
[07-16-07 15:09]: On 07/16/2007 11:07 AM, Patrick Shanahan wrote:
QUESTION: Where/how do I get my firewall logging back?
Please post the result of "cat /etc/syslog-ng/syslog-ng.conf" and "ls -l /var/log/firewall".
-rw-r----- 1 root root 1538079 2007-07-13 23:14 /var/log/firewall
# Global options. options { long_hostnames(off); sync(0); perm(0640); stats(3600); };
<snip>
Very strange, everything looks just fine. Is that options {} statement in the original config file, or did you add it? If the latter, try commenting it out and restarting syslog-ng. If firewall logging returns, then you can play with the options parameters to see if one of those is responsible. If it has already been working with that options statement, then I am totally baffled. -- Hypocrisy is the homage vice pays to virtue. -- François de La Rochefoucauld -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Darryl Gregorash
Very strange, everything looks just fine. Is that options {} statement in the original config file, or did you add it?
No, it was in the original and was working as is ???
If the latter, try commenting it out and restarting syslog-ng. If firewall logging returns, then you can play with the options parameters to see if one of those is responsible.
If it has already been working with that options statement, then I am totally baffled.
me toooo. Restarting the firewall and/or restarting syylog-ng even specifing the config file, all have no apparent effect. The firewall log is still stopped on Friday 13th at 23:14 GMT -5 :^( The ONLY thing that I can think of that I haven't tried is restarting the entire system, which I do VERY infrequently, ie: kernel change which has bit me several times recently so I have shied away from that. Using a kernel built for 10.2 on a 10.1 system (only way to get support for my usb devices, at the time). If I don't see logs by tomorrow morning, I *will* reboot, but that doesn't look promising either. Will switch to 10.3 when it is published. Toooo many particular local configurations to change at each distro issuance :^) tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2007-07-16 at 15:50 -0400, Patrick Shanahan wrote:
The ONLY thing that I can think of that I haven't tried is restarting the entire system, which I do VERY infrequently, ie: kernel change which has bit me several times recently so I have shied away from that. Using a kernel built for 10.2 on a 10.1 system (only way to get support for my usb devices, at the time).
On this email:
] Date: Tue, 10 Jan 2006 10:14:59 +0000 (GMT)
] From: Bob Vickers
* Carlos E. R.
On this email:
] Date: Tue, 10 Jan 2006 10:14:59 +0000 (GMT) ] From: Bob Vickers
] Subject: Re: [suse-security] Patch Noifications you will find a script that locates updates that haven't been applied. It is based on scanning the output of:
lsof | grep -E 'RPMDELETE|;|path inode='
Thanks. Output from above: 20:11 wahoo:~ # lsof | grep -E 'RPMDELETE|;|path inode=' kded 6463 pat mem REG 8,6 914526 /usr/lib64/libdns_sd.so (path inode=678216) kerry 6522 pat mem REG 8,6 679894 /usr/lib64/libbeagle.so.0.0.0 (path inode=679178) httpd2-pr 6800 root mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6800 root mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6800 root mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6800 root mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6800 root mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6802 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6802 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6802 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6802 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6802 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6803 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6803 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6803 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6803 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6803 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6804 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6804 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6804 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6804 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6804 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6805 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6805 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6805 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6805 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6805 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6806 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6806 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6806 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6806 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6806 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) beagled-h 7507 pat mem REG 8,6 672752 /usr/lib64/libbonobo-2.so.0.0.0 (path inode=914964) beagled-h 7507 pat DEL REG 8,6 677067 /usr/lib64/libbonobo-activation.so.4.0.0;469b95be beagled-h 7507 pat mem REG 8,6 914526 /usr/lib64/libdns_sd.so (path inode=678216) httpd2-pr 13295 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13295 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13295 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13295 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13295 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 13302 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13302 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13302 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13302 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13302 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 13303 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13303 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13303 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13303 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13303 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) Nothing stands out to me, except maybe kded. Did: kdeinit kded and the process restarted, but did not allow any change to the firewall log. I will go back to runlevel 1 and return to 5, again (after posting this.) Perhaps you see something? tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Patrick Shanahan
* Carlos E. R.
[07-16-07 19:27]: [...] lsof | grep -E 'RPMDELETE|;|path inode='
Thanks. Output from above:
20:11 wahoo:~ # lsof | grep -E 'RPMDELETE|;|path inode=' kded 6463 pat mem REG 8,6 914526 /usr/lib64/libdns_sd.so (path inode=678216) [...]
Nothing stands out to me, except maybe kded. Did: kdeinit kded and the process restarted, but did not allow any change to the firewall log.
I will go back to runlevel 1 and return to 5, again (after posting this.)
Perhaps you see something?
Dumb luck, but noticed that syslog-ng was not starting. I commented prior about this. What I *didn't* say was that 'rcsyslog start' did not start syslog-ng. Further searching revealed that syslog-ng was not referenced in /etc/sysconfig/syslog. I have a prior install of 10.1 on another drive for reference. Compared the syslog files and wrote the differences to /etc/sysconfig/syslog. Now going from runlevel 1 to 3 starts syslog-ng and the firewall logging has returned. Another revelation, the change time on /etc/sysconfig/syslog was 11 July, not the 13th where the firewall logging halted. I surmise that syslog was not stopped and failed to restart until I went to runlevel 1 to try to recover from the system thinking there was no free space on /home ???? What generates /etc/sysconfig/syslog as rpm -qf doesn't know? Thanks for everyone's indulgence, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2007-07-16 at 20:23 -0400, Patrick Shanahan wrote:
you will find a script that locates updates that haven't been applied. It is based on scanning the output of:
lsof | grep -E 'RPMDELETE|;|path inode='
Thanks. Output from above:
20:11 wahoo:~ # lsof | grep -E 'RPMDELETE|;|path inode=' kded 6463 pat mem REG 8,6 914526 /usr/lib64/libdns_sd.so (path inode=678216) kerry 6522 pat mem REG 8,6 679894 /usr/lib64/libbeagle.so.0.0.0 (path inode=679178) httpd2-pr 6800 root mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6800 root mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6800 root mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6800 root mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6800 root mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6802 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6802 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6802 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6802 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6802 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6803 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6803 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6803 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6803 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6803 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6804 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6804 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6804 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6804 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6804 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6805 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6805 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6805 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6805 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6805 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 6806 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 6806 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 6806 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 6806 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 6806 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) beagled-h 7507 pat mem REG 8,6 672752 /usr/lib64/libbonobo-2.so.0.0.0 (path inode=914964) beagled-h 7507 pat DEL REG 8,6 677067 /usr/lib64/libbonobo-activation.so.4.0.0;469b95be beagled-h 7507 pat mem REG 8,6 914526 /usr/lib64/libdns_sd.so (path inode=678216) httpd2-pr 13295 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13295 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13295 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13295 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13295 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 13302 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13302 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13302 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13302 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13302 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976) httpd2-pr 13303 wwwrun mem REG 8,61127500 /usr/lib64/php5/extensions/gettext.so (path inode=1126977) httpd2-pr 13303 wwwrun mem REG 8,61126978 /usr/lib64/php5/extensions/iconv.so (path inode=1126918) httpd2-pr 13303 wwwrun mem REG 8,61127496 /usr/lib64/php5/extensions/mbstring.so (path inode=1126192) httpd2-pr 13303 wwwrun mem REG 8,61126980 /usr/lib64/php5/extensions/mcrypt.so (path inode=1126975) httpd2-pr 13303 wwwrun mem REG 8,61127490 /usr/lib64/php5/extensions/pdo.so (path inode=1126976)
Nothing stands out to me, except maybe kded. Did: kdeinit kded and the process restarted, but did not allow any change to the firewall log.
It should come out empty. Ie, no output. The output means that some programs are using the previous version of some libraries that were updated; till those programs are not restarted they keep using the old, loaded, libraries instead of the new versions (ie, files on disk that are opened are not really deleted till they are closed). This info should be given by Yast automatically, after an update, but it isn't. It means you have to restart apache and beagle (log out, log in), I think. About the syslog, I saw another post, will coment there. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGnBw4tTMYHG2NR9URAhsQAJ4v7ChT9xO/qQfvo9B/RScGjCMLqgCfVvuf 7iXrYj/cC1byaTuQJABpGG4= =Q31h -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2007-07-16 at 21:17 -0400, Patrick Shanahan wrote:
Dumb luck, but noticed that syslog-ng was not starting. I commented prior about this. What I *didn't* say was that 'rcsyslog start' did not start syslog-ng.
Ah!
Further searching revealed that syslog-ng was not referenced in /etc/sysconfig/syslog. I have a prior install of 10.1 on another drive for reference. Compared the syslog files and wrote the differences to /etc/sysconfig/syslog. Now going from runlevel 1 to 3 starts syslog-ng and the firewall logging has returned.
Weird.
Another revelation, the change time on /etc/sysconfig/syslog was 11 July, not the 13th where the firewall logging halted. I surmise that syslog was not stopped and failed to restart until I went to runlevel 1 to try to recover from the system thinking there was no free space on /home ????
Probably so. Doing that forces the daemon to reload, and fail. Till then, the change was not applied... but who/what changed the syslog conf?
What generates /etc/sysconfig/syslog as rpm -qf doesn't know?
Dunno... it must be generated by some script. About the dissapearing space, I think it might be similar to what I comented on my previous email: files were deleted while still opened, so the change was not written to disk till their proceses died. Something of the sort, anyway. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGnB1qtTMYHG2NR9URAkMEAJ97Ut7sktQHNtiV3RvH2cvrUiwvqQCfaeE0 cSdfPsJ9UWq7U5P/By9Q0SE= =vS12 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Carlos E. R.
-
Darryl Gregorash
-
Patrick Shanahan