FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 12-27-2007, 05:45 AM
"Dean S. Messing"
 
Default frustration with NTP logging

When I start `ntpd' (service ntpd start)
messages like the following are inserted in /var/log/messages:

Dec 26 22:00:25 medulla ntpd[17171]: ntpd 4.2.4p2@1.1495-o Tue Aug 21 13:58:55 UTC 2007 (1)
Dec 26 22:00:25 medulla ntpd[17172]: precision = 1.000 usec
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #1 wildcard, ::#123 Disabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #2 vmnet8, fe80::250:56ff:fec0:8#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #3 lo, ::1#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #4 eth0, fe80::219:b9ff:fe35:84f#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #5 lo, 127.0.0.1#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #6 eth0, 172.29.226.11#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #7 vmnet8, 10.10.10.1#123 Enabled
Dec 26 22:00:26 medulla ntpd[17172]: kernel time sync status 0040
Dec 26 22:00:26 medulla ntpd[17172]: frequency initialized 159.642 PPM from /var/lib/ntp/drift


Instead, I would like to get these to go into "/var/log/ntplog". But
try as I might, I've failed miserably and am ready to go bang my head
against the wall.

What is the Magick Solution?!?

Here's what I've tried:

I changed

*.info;mail.none;authpriv.none;cron.none /var/log/messages

to

*.info;mail.none;authpriv.none;cron.none;ntpd.none /var/log/messages

and added

# Log all the ntpd messages in one place.
ntpd.* /var/log/ntplog

in "/etc/syslog.conf" and restarted `syslogd' (making sure there that
"/var/log/ntplog" exists.) Then I stopped and started `ntpd'.

Nada! I now get no messages anywhere.

I then tried adding

logfile /var/log/ntplog
logconfig =all # log all messages

to "/etc/ntp.conf" and restarted ntpd.

I now get some _other_ diagnostic messages in "/var/log/ntplog",
messages like:

26 Dec 22:35:34 ntpd[18248]: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010)
26 Dec 22:35:36 ntpd[18248]: peer 155.101.3.114 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)
26 Dec 22:35:37 ntpd[18248]: peer 208.75.88.4 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)
26 Dec 22:35:37 ntpd[18248]: peer 216.184.20.83 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)

But I don't get the "Listening" messages anywhere.
Finally, leaving the above "logfile" lines in "/etc/ntp.conf" I tried putting
"syslog.conf" back the way it was to start with (no references to `ntpd').

Now the "Listening" lines are going back into "/var/log/messages".

Will somebody who understands system logging please tell me what is
going on here, 'cause I'm lost.

Thanks.
Bang, bang, bang, bang. :-)

Dean

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-27-2007, 05:55 AM
Cameron Simpson
 
Default frustration with NTP logging

On 26Dec2007 22:45, Dean S. Messing <deanm@sharplabs.com> wrote:
| When I start `ntpd' (service ntpd start)
| messages like the following are inserted in /var/log/messages:
|
| Dec 26 22:00:25 medulla ntpd[17171]: ntpd 4.2.4p2@1.1495-o Tue Aug 21 13:58:55 UTC 2007 (1)
| Dec 26 22:00:25 medulla ntpd[17172]: precision = 1.000 usec
| Dec 26 22:00:26 medulla ntpd[17172]: Listening on interface #0 wildcard, 0.0.0.0#123 Disabled
[...]
|
| Instead, I would like to get these to go into "/var/log/ntplog". But
| try as I might, I've failed miserably and am ready to go bang my head
| against the wall.
|
| What is the Magick Solution?!?
|
| Here's what I've tried:
|
| I changed
|
| *.info;mail.none;authpriv.none;cron.none /var/log/messages
| to
| *.info;mail.none;authpriv.none;cron.none;ntpd.none /var/log/messages
|
| and added
|
| # Log all the ntpd messages in one place.
| ntpd.* /var/log/ntplog
|
| in "/etc/syslog.conf" and restarted `syslogd' (making sure there that
| "/var/log/ntplog" exists.) Then I stopped and started `ntpd'.
|
| Nada! I now get no messages anywhere.
|
| I then tried adding
|
| logfile /var/log/ntplog
| logconfig =all # log all messages
|
| to "/etc/ntp.conf" and restarted ntpd.
|
| I now get some _other_ diagnostic messages in "/var/log/ntplog",
| messages like:
|
| 26 Dec 22:35:34 ntpd[18248]: system event 'event_restart' (0x01) status 'sync_alarm, sync_unspec, 1 event, event_unspec' (0xc010)
| 26 Dec 22:35:36 ntpd[18248]: peer 155.101.3.114 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)
| 26 Dec 22:35:37 ntpd[18248]: peer 208.75.88.4 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)
| 26 Dec 22:35:37 ntpd[18248]: peer 216.184.20.83 event 'event_reach' (0x84) status 'unreach, conf, 1 event, event_reach' (0x8014)
|
| But I don't get the "Listening" messages anywhere.
| Finally, leaving the above "logfile" lines in "/etc/ntp.conf" I tried putting
| "syslog.conf" back the way it was to start with (no references to `ntpd').
|
| Now the "Listening" lines are going back into "/var/log/messages".

Two things.

1: Your ntp.conf file changes merely ADDED file-based logging to ntpd.
So ntpd is now logging some stuff to your file.
In ADDITION, ntpd logs to the syslog.

2: Syslog is very primitive.
Those x.y fields are a "facility" and a "priority".
Have a quick glance at the file /usr/include/sys/syslog.h for
editification. In short, the facilities are predefine (kern, user, etc)
and the priorities are predefined.
Importantly, the facility is _not_ the program name.

So for ntpd you want to know what facility it uses, and what priority
the various messages are. Then you can tune things somewhat.
But "ntpd.none" does nothing (I'm surprised it doesn't get an error
message) because "ntpd" is not a facility name.

Cheers,
--
Cameron Simpson <cs@zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/

Politics is the art of looking for trouble, finding it everywhere, diagnosing
it incorrectly and then applying the wrong remedies. - G. Marx

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-27-2007, 07:54 AM
"Dean S. Messing"
 
Default frustration with NTP logging

Cameron Simpson writes:
: On 26Dec2007 22:45, Dean S. Messing <deanm@sharplabs.com> wrote:
: | When I start `ntpd' (service ntpd start)
: | messages like the following are inserted in /var/log/messages:

<snip>

: | Instead, I would like to get these to go into "/var/log/ntplog". But
: | try as I might, I've failed miserably and am ready to go bang my head
: | against the wall.
: |
: | What is the Magick Solution?!?
: |
: | Here's what I've tried:
: |
: | I changed
: |
: | *.info;mail.none;authpriv.none;cron.none /var/log/messages
: | to
: | *.info;mail.none;authpriv.none;cron.none;ntpd.none /var/log/messages
: |
: | and added
: |
: | # Log all the ntpd messages in one place.
: | ntpd.* /var/log/ntplog
: |
: | in "/etc/syslog.conf" and restarted `syslogd' (making sure there that
: | "/var/log/ntplog" exists.) Then I stopped and started `ntpd'.
: |
: | Nada! I now get no messages anywhere.
: |
: | I then tried adding
: |
: | logfile /var/log/ntplog
: | logconfig =all # log all messages
: |
: | to "/etc/ntp.conf" and restarted ntpd.
: |
: | I now get some _other_ diagnostic messages in "/var/log/ntplog",
: | messages like:

<snip>

: | But I don't get the "Listening" messages anywhere. Finally, leaving
: | the above "logfile" lines in "/etc/ntp.conf" I tried putting
: | "syslog.conf" back the way it was to start with (no references to
: | `ntpd').
: |
: |
: | Now the "Listening" lines are going back into "/var/log/messages".
:
: Two things.
:
: 1: Your ntp.conf file changes merely ADDED file-based logging to ntpd.
: So ntpd is now logging some stuff to your file.
: In ADDITION, ntpd logs to the syslog.
:
: 2: Syslog is very primitive.
: Those x.y fields are a "facility" and a "priority".
: Have a quick glance at the file /usr/include/sys/syslog.h for
: editification. In short, the facilities are predefine (kern, user, etc)
: and the priorities are predefined.
: Importantly, the facility is _not_ the program name.
:
: So for ntpd you want to know what facility it uses, and what priority
: the various messages are. Then you can tune things somewhat.
: But "ntpd.none" does nothing (I'm surprised it doesn't get an error
: message) because "ntpd" is not a facility name.

Thanks Cameron. Your remarks in (2) led me to a solution.
Shortly after I wrote the above, I noticed that `syslogd'
had stopped logging entirely. Your remarks prompted me to
go read the syslog.conf man page regarding "facilities" and,
to run syslogd from the CLI with debugging turned on. It was
throwing an error for the illegal facility!

Your comments in (1) are (I believe) slightly in error, at
least according to the ntpd docs.

From:
<file:///usr/share/doc/ntp-4.2.4p2/miscopt.html>

logfile logfile

This command specifies the location of an alternate log file to be
used instead of the default system syslog facility. This is the
same operation as the -l command line option.

The problem appears to be that ntpd wants to start writing messages
just as soon as its starts---even before it reads its config file.
These go through syslogd. Then, as soon as it reads the config file
and hits the "logfile" directive, it _redirects_ any future messages
to the logfile.

For grins, I started `ntpd' by hand on the CLI with "-l /var/log/ntplog" and
voila!, all the "Listening" messages ended up in "/var/log/ntplog", as
desired. Only two lines were put in "messages":

Dec 27 00:14:50 medulla ntpd[21152]: ntpd 4.2.4p2@1.1495-o Tue Aug 21 13:58:55 UTC 2007 (1)
Dec 27 00:14:50 medulla ntpd[21152]: logging to file /var/log/ntplog

According to the ntpd man page:

-l logfile
Specify the name and path of the log file. The default is
the system log file. This is the same operation as the
logfile logfile configuration command.

This is evidently (slightly) in error since the configuration command
is not "the same operation" as the commandline flag.

An interesting aside:
The messages in /var/log/ntplog begin with: ntpd[21153]

Note that the process number is one greater than the number in
"messages". Not sure of the significance of this, but it was
happening before, as well. (I checked.) Apparently `ntpd' starts,
writes some stuff, then forks, and writes the rest of what it is going
to write.

I've gone into "/etc/sysconfig/ntpd" and modified the OPTIONS
line to include the new flag. All is working now, accept for
those two lines in messages, which I can live with.

Thanks again.

Dean

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 06:44 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org