Path: utzoo!attcan!uunet!decwrl!elroy.jpl.nasa.gov!usc!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!dali.cs.montana.edu!milton!uw-beaver!zephyr.ens.tek.com!tektronix!nosun!tessi!onion!jeff From: jeff@onion.pdx.com (Jeff Beadles) Newsgroups: comp.unix.wizards Subject: Re: syslog + chroot + ftpd Message-ID: <1990Jul31.234400.11091@onion.pdx.com> Date: 31 Jul 90 23:44:00 GMT References: Distribution: comp Organization: Little to none Lines: 43 luis@lutetia.rice.edu (Luis Soltero) writes: >has anyone noticed that syslog stops logging when ftpd logs in an >anonymous ftp user? i have tracked the problem to the chroot system >call. prior to chroot() syslog works as advertized. once the chroot() >is executed inside tftpd, however, syslog calls no longer get >recorded. >any ideas? Yes, I've seen this many a time. The problem is that /dev/log can not be accessed after the chroot. Here's what I've done to work around it here... Reboot, and stop the boot process in single user mode. ( replace /usr2/ftp with the home directory of your ftp account) Then, % rm -f /dev/log % mkdir /usr2/ftp/dev % chmod 711 /usr2/ftp/dev % chown root /usr2/ftp/dev % ln -s /usr2/ftp/dev/log /dev/log Look to see where your "syslogd" process is started. Mine is in "/etc/rc.net". Change it so the syslogd is started as: /etc/syslogd -p /usr2/ftp/dev/log Now, continue the boot process and check the results. This way the logfile is within the chroot'ed environment, and can still be accessed. IMHO, it's a hack, but I didn't see a easier solution... Of course, if you do this you're on your own. I take no responsibility what so ever. :-) -Jeff -- Jeff Beadles jeff@onion.pdx.com jeff@quark.wv.tek.com