"Dave Sobel" <dave@evolvetech.com> wrote that some of the messages
logged from ipop3d and imapd are missing in his syslog.
There are two transports which might be used to transport log-messages
from the logging applications (in this case ipop3d or imapd) to
syslogd: If the unix domain socket /dev/log exists the library used by
the application first tries to send the message through this socket.
As tne man-page unix(7) sais: ``Unix sockets are always reliable and
don't reorder datagrams.'' If the unix domain socket /dev/log is
unavailable, the library tries to send the message through an IP
datagram (UDP) socket to localhost:514. But, UDP is an unreliable
protocol and might silently drop some messages, e.g. if the receiving
socket's receive buffer is full.
If ipop3d or imapd are logging through UDP it can happen that
messages are lost.
If ipop3d or imapd are running chroot(2)ed (e.g. to /var/spool/imap),
they can't access /dev/log and have to use UDP to transmit their
messages. When they try to reach /dev/log, they will actually try to
reach /dev/log in their changed root (e.g. /var/spool/imap/dev/log).
You can/should tell syslogd to create an additional logging socket to
be used by these daemons (e.g. by starting syslogd like: syslogd -a
/var/spool/imap/dev/log ), so that they can reach syslogd through a
reliable unix domain socket.
Christian.
This archive was generated by hypermail 2.1.3 : Fri Mar 08 2002 - 15:41:38 CET