From: Bruce S. <bw...@ar...> - 2005-08-03 19:57:06
> > It appears that postfix modifies /etc/syslog-ng/syslog-ng.conf and adds:
> > 'unix-stream("/var/spool/postfix/dev/log");"' in the source.
> >
> > Then I save the new syslog-ng.conf with save-config and reboot. Since
> > syslog-ng starts before postfix, that socket doesn't exist at that time,
> > and syslog-ng won't start.
> >
> > Opinions on the best way to "fix" this?
>
> I was thinking about this issue too and the most elegant solution would be
> something like this:
> We have Syslog-NG running and only listening on /dev/log.
> Each chroot jail gets its own syslog daemon, which does nothing else than
> forwarding the chroot/dev/log to /dev/log.
> I don't know if there's a forwarding syslog daemon existing, or if there's
> one even suitable for this idea.
>
> Unfortunately I didn't have any time in researching this a little, maybe
> you can see if you find a suitable syslog daemon.

I "fixed" it for my situation by not running postfix (or xntpd) in a JAIL.
Not a big security concern for me since I'm only sending and not receiving
any mail, I'm not even listening on port 25. That's why I fixed the postfix
init.d script to check for $JAIL_ENABLE.

I would even go as far as to say that anyone running postfix to receive mail
is required to use a hard drive. Otherwise it'd be too easy for anyone to DoS
the box by sending it enough mail to fill memory.

- BS
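
The startup-order problem quoted above, as an added example that is not part of the original message: a shell check an init script could run before starting syslog-ng, listing every unix socket source whose directory is not there yet. It assumes syslog-ng needs the directory of each unix-stream()/unix-dgram() source to exist at startup; the function names and the sample config are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): pre-start check for syslog-ng sources.
# Assumption: syslog-ng needs the directory of every unix-stream()/unix-dgram()
# source to exist when it starts.

# Print each unix socket source path whose parent directory is missing.
missing_log_sockets() {
    sed 's/#.*//' "$1" |          # drop comments
    tr ';' '\n' |                 # one driver statement per line
    sed -nE 's/.*unix-(stream|dgram)[[:space:]]*\([[:space:]]*"([^"]+)".*/\2/p' |
    while IFS= read -r path; do
        [ -d "$(dirname "$path")" ] || printf '%s\n' "$path"
    done
}

# Return 0 when every socket directory exists, 1 (with a message) otherwise.
log_sockets_ready() {
    missing=$(missing_log_sockets "$1")
    [ -z "$missing" ] && return 0
    printf 'missing socket directory for:\n%s\n' "$missing" >&2
    return 1
}

# Constructed sample: one source whose directory exists, one jail path that
# does not exist yet (as after a reboot, before the jail is set up).
demo_root=$(mktemp -d)
mkdir -p "$demo_root/dev"
cat > "$demo_root/syslog-ng.conf" <<EOF
# constructed sample config
source src {
    unix-stream("$demo_root/dev/log"); internal();
    unix-stream("$demo_root/jail/dev/log");   # jail not set up yet
};
EOF
missing_log_sockets "$demo_root/syslog-ng.conf"   # prints only the jail path
rm -rf "$demo_root"
```
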