Knowledge base

Related pages

KB1066 - Chrooting syslog-ng
Last update: 2007-06-07 10:26:35
Revision: 8
Keywords: product_syslog-ng chroot

Applies to: All versions of syslog-ng

Question

Can syslog-ng run in a chroot?

Answer

Yes. Start syslog-ng using the --chroot command-line parameter. For example: syslog-ng --chroot /var/chroot. The syslog-ng application initializes its configuration before the changing the root (e.g., the local UNIX domain socket /dev/log is opened before chrooting).

Note that it is not possible to reload the syslog-ng configuration after chrooting, thus you will need to use restart, or bind-mount the '/dev' directory into the chroot.

Additional information / References

For details on collecting log from a chroot, see the Collecting logs from chroot section in the Best practices and examples chapter of The syslog-ng Administrator Guide at
http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html#example_chroot

Acknowledgement

Special thanks to Nate Campi for organizing and hosting the syslog-ng FAQ.

How useful would you rate this content ?

Poor Outstanding
What is your opinion about this article?

back to top

Copyright 2000-2009 BalaBit IT Security
All rights reserved

Bookmark This Corporate blog Security blog