Re: /proc/kmsg and chrooted syslog-ng

Did we ever get a step-by-step on making a chroot jail for syslog-ng?

On Tue, Aug 17, 2004 at 01:48:30PM +0200, bazsi <at> balabit.hu wrote:
> On Mon, Aug 16, 2004 at 10:08:46PM -0500, Michael D. (Mick) Bauer wrote:
> > One more ignorance-betraying question about Syslog-ng chroot-jails:
> > what should one do about /proc/kmsg? Maybe "touch
> > /var/logjail/proc/kmsg; ln -s /var/logjail/proc/kmsg /proc/kmsg"?
> 
> no, this would not work. kernel messages need to be fetched from a "live"
> proc filesystem, however you can mount it directly into the chroot jail
> as well, e.g.
> 
> mount -t proc proc /var/logjail/proc
> 
> that's about it.
> 
> > 
> > And do I take it that, per another recent posting, one should
> > similarly create a new dev/log in the jail and link to it from
> > /dev/log?
> 
> yes, this makes it possible to reload syslog-ng inside the chroot jail, as
> otherwise it is not possible.
> 
> > 
> > I'd like to post a revised Syslog-ng chroot jail procedure later
> > this week. Thanks to the two of you who've replied so far!
> 
> great.
> 
> -- 
> Bazsi
> _______________________________________________
> syslog-ng maillist  -  syslog-ng <at> lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> 

--

-- 
Nate

"You are trapped in a maze of screens and ssh sessions all alike." 
"It is dark, and you are likely to log off the wrong account." 

_______________________________________________
syslog-ng maillist  -  syslog-ng <at> lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html