Syslogd is the system logging utility commonly used on UNIX systems. Syslogd is a daemon that opens a special file called a FIFO. A FIFO is a special file that acts like a pipe. Anything that is written to the write side will come out the read side. Syslogd waits for data from the read side. There are C functions that write to the write side. If your program uses these C functions your output will go to syslogd.
Remember that we have used a chroot environment and the FIFO that
syslogd is reading from (/dev/log) is not present. That means all the virtual
environments will not log to syslogd.
Syslogd can look to a different FIFO if you tell it on the command line so run syslogd with the argument:
syslogd -p /virtual/log
Then symlink /dev/log to /virtual/log by:
ln -sf /virtual/log /dev/log
Then hard link all the /dev/log copies to this file by running:
ln -f /virtual/log /virtual/domain1.com/dev/log
The virtfs script above already does this. Since /virtual is one contiguous
disk and the /dev/log's are hard linked they have the same inode number and point
to the same data. The chroot cannot stop this so all your
virtual /dev/log's will now function. Note that all the messages from all
the environments will be logged in one place. However, you can write separate
programs to filter out the data.
This version of the syslogd.init file hard links the /dev/log's each time you start it because syslogd deletes and creates the /dev/log FIFO each time it runs. Here is a modified syslogd.init file:
#!/bin/sh
. /etc/rc.d/init.d/functions
case "$1" in
start)
echo -n "Starting dev log: "
ln -sf /virtual/log /dev/log
echo done
echo -n "Starting system loggers: "
daemon syslogd -p /virtual/log
daemon klogd
echo
echo -n "Starting virtual dev log: "
for i in /virtual/*
do
if [ ! -d "$i" ]
then
continue
fi
if [ "$i" = "/virtual/lost+found" ]
then
continue
fi
ln -f /virtual/log $i/dev/log
echo -n "."
done
echo " done"
touch /var/lock/subsys/syslogd
;;
stop)
echo -n "Shutting down system loggers: "
killproc syslogd
killproc klogd
echo
rm -f /var/lock/subsys/syslogd
;;
*)
echo "Usage: syslogd {start|stop}"
exit 1
esac
exit 0
If you run out of space on one filesystem and you have to break up your virtual
domains onto different disks remember that hard links will not cross disks. That
means you will have to run a separate syslogd for each group of domains on a disk.
For example, if you had thirteen domains on /virtual1 and fifteen domains on
/virtual2, you would hard link thirteen domains to /virtual1/log and run one
syslogd with syslogd -p /virtual1/log and hard link fifteen other domains
to /virtual2/log with a syslogd running with syslogd -p /virtual2/log .
If you do not want to centralize the logs to one place you could also run
one syslogd per domain. This wastes process ID's so I do not recommend it but it
is easier to implement. You would have to alter your syslogd.init file to
run syslogd as chroot /virtual/domain1.com syslogd for each domain.
This will run each syslogd within the chroot and the logs will be in
/virtual/domain1.com/var/log rather than all combined in /var/log.
Do not forget to run a syslogd normally syslogd for the
main system and a kernel logger klogd .