syslogd or syslog-ng?

[Reuti]

Hi,

With one of the last updates to 20.1.8 IIRC in the output of the patch procedure the steps were listed to get now syslog-ng as new default in OPNsense working. With the update to 20.7, now syslogd does get started as default again. I have two questions regarding this behavior:

• Is syslog-ng the official log daemon in OPNsense, or is it just a matter of taste which to prefer?
• Even with /etc/rc.local in place, syslog-ng is not started by default but syslogd. How can I make syslog-ng the default again?

Code Select Expand

root@opnsense:/etc # cat rc.conf
syslog_ng_enable="YES"
syslogd_enable="NO"

Kind regards -- Reuti

[ruggerio]

Hi,

According to my problem with postfix, mimugmail told me to deactivate clog, which means disable syslogd. Just go to System/Settings/Protocol and click disable circular logs. After a reboot, my syslogd was disabled.

[Reuti]

Hi,

Indeed, that did the trick. Now the syslogd doesn't start any longer by default but the syslog-ng.

Thx

-- Reuti

[franco]

You should not try to set these syslog vars in rc.conf manually as the system may not be able to cope with them correctly.


Cheers,
Franco

[Reuti]

Hi Franco,

Thx for the advice. But the output of the 20.1.8 patch was to adjust this file, kill the syslogd and start (at least one time) syslog-ng by hand.

Should the output of the update procedures in general be ignored?

I also installed just postfix and there were also some instructions for actions to be taken. Shall I ignore them or follow them?

-- Reuti

Code Select Expand

Message from syslog-ng327-3.27.1_1:

--
syslog-ng is now installed!  To replace FreeBSD's standard syslogd
(/usr/sbin/syslogd), complete these steps:

1. Create a configuration file named /usr/local/etc/syslog-ng.conf
   (a sample named syslog-ng.conf.sample has been included in
   /usr/local/etc). Note that this is a change in 2.0.2
   version, previous ones put the config file in
   /usr/local/etc/syslog-ng/syslog-ng.conf, so if this is an update
   move that file in the right place

2. Configure syslog-ng to start automatically by adding the following
   to /etc/rc.conf:

        syslog_ng_enable="YES"

3. Prevent the standard FreeBSD syslogd from starting automatically by
   adding a line to the end of your /etc/rc.conf file that reads:

        syslogd_enable="NO"

4. Shut down the standard FreeBSD syslogd:

     kill `cat /var/run/syslog.pid`

5. Start syslog-ng:

     /usr/local/etc/rc.d/syslog-ng start


[rolsch]

I have the same "issue".

With the update to 20.7 runs both: syslogd and syslog-ng.

How can i de-install syslog-ng`

Code Select Expand


root@OPNsense:~ # pkg remove syslog-ng327-3.27.1_1
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 2 packages (of 0 packages in the universe):

Installed packages to be REMOVED:
        syslog-ng327-3.27.1_1
        opnsense-20.7

Number of packages to be removed: 2

The operation will free 25 MiB.

Proceed with deinstalling packages? [y/N]: n
root@OPNsense:~ #

-> opnsense-20.7 ???

Is syslog-ng the official log daemon in OPNsense?

Regards
Roland

[hushcoden]

It would be useful if someoen could clarify whether we do need both to run and if not, which one then ?

Tia.

[franco]

The system will take care of which it needs. We are transitioning from syslogd to syslog-ng but it's complicated because of the "clog" binary circular log format tied into syslogd since forever.

You can ignore all package upgrade messages. They are from FreeBSD and we merely show them for completeness (mostly capturing errors there or context for how far the update proceeds). It's difficult to squelch those messages so best not to act on them and trust the GUI and the release notes to bring you up to speed in everything.


Cheers,
Franco