syslog from chrooted environment

Phil Pennock phil.pennock at globnix.org
Sat Jul 29 05:38:04 AEST 2017


On 2017-07-28 at 14:26 -0400, Mike Tancsa wrote:
> On 7/25/2017 7:21 PM, Phil Pennock wrote:
> > Honestly, I'd start looking instead at having syslogd listen on a UDP
> > socket on a non-routed address and send to that locally instead.  See
> > the "-a" option to syslogd, although contrary to docs my past experience
> > has suggested that -a can't be repeated.
> 
> How do I get sshd to send via UDP to syslogd ?

Ugh, I've gotten too used to languages which let you customize this in
openlog().

Tell sshd to run in the foreground writing logs to stderr and invoke it
under a wrapper which sends logs wherever you want, while handling
restarts.

This isn't the core system ssh for sysadmin to log in, AIUI, so it's
safer to have a little more complexity around the startup.

  /path/to/sshd -De

There are various supervisor programs around which will log wherever you
want (including via UDP syslog), you can pick one for whatever your
preferred poison is.

At this point, you are relying upon stdio from the chrooted processes,
so the chroot is irrelevant and you can just log normally to wherever
you want, so you could even just send straight to syslog, avoiding the
need for devices in the chroots.

-Phil
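
An added example, not part of the original message and not code from OpenSSH: the log-forwarding half of the wrapper described above, which runs a foreground command such as `/path/to/sshd -De` and sends each stderr line to a local syslogd as a UDP datagram. The function names, the auth.info priority, the "sshd" tag and the expectation that the receiving syslogd adds the timestamp and hostname itself are assumptions.

```python
import socket
import subprocess
import sys

FACILITY_AUTH = 4   # syslog "auth" facility number (assumed choice for sshd logs)
SEVERITY_INFO = 6   # syslog "info" severity


def format_syslog(line, tag="sshd", facility=FACILITY_AUTH, severity=SEVERITY_INFO):
    """Build a minimal BSD-syslog style datagram: <PRI>tag: message."""
    pri = facility * 8 + severity
    # Replace control characters so one stderr line cannot inject extra records.
    text = "".join(ch if ch.isprintable() else " " for ch in line.rstrip("\r\n"))
    # Keep the datagram within the traditional 1024-byte syslog limit.
    return f"<{pri}>{tag}: {text}".encode("utf-8", "replace")[:1024]


def supervise(argv, dest, tag="sshd"):
    """Run argv in the foreground and forward its stderr to dest (host, port).

    Returns the child's exit status so a caller can decide whether to restart.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    proc = subprocess.Popen(argv, stderr=subprocess.PIPE, stdin=subprocess.DEVNULL)
    with proc, sock:  # leaving the block closes the pipe and waits for the child
        for raw in proc.stderr:
            line = raw.decode("utf-8", "replace")
            if line.strip():
                sock.sendto(format_syslog(line, tag), dest)
    return proc.returncode


if __name__ == "__main__":
    # Usage (constructed): wrapper.py 127.0.0.1 514 /path/to/sshd -De
    host, port, *cmd = sys.argv[1:]
    sys.exit(supervise(cmd, (host, int(port))))
```

Because the wrapper runs outside the chroot and only reads the child's stderr pipe, no log device is needed inside the chroot.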

