[rsbac] question on logging
Chirag Pandya
cpandya at gmail.com
Wed Sep 21 14:16:05 CEST 2005
Hello Andrea,
On 9/19/05, Andrea Pasquinucci <cesare at ucci.it> wrote:
> I have another question:
>
> I really would like to have a separate logging for RSBAC. I guess that
> the only way is to use its own independent logging. If I log normally
> through the kernel, it gets to syslog as a kernel message and it goes
> with all other kernel messages. Or can I send it to something else? (At
> the moment I cannot use syslog-ng).
>
> Otherwise, how can I use RSBAC own logging? I guess I will have to have
> something like klogd which reads the messages and sends them to syslogd
> etc. ?
>
There is a daemon provided in rsbac-admin tools (rklogd). It's in the
"contrib" directory. This daemon is programmed to read
/proc/rsbac-info/rmsg and it can write out any file you choose. It
works quite well. Did you try using it?
I use an init script that launches rklogd at startup.
>
> PS. The only way of turning off syslog logging is by the kernel
> parameter rsbac_nosyslog, correct?
AFAIK yes.
Regards,
Chirag
More information about the rsbac
mailing list