syslogd problem
Hello all,
Situation: slink, 2.2.13, name is "desert"
Sometimes the machine loses its speach; this is: it does not lose
connectivity (you can "telnet desert 110") but after it has made the
connection, it just sits there and waits for the pop3d. Same with
telnet, ssh, etc etc.
Now a straight tty login does the same: you can login but it will sit
there and not display a prompt!
We had this a couple of times and decided that an extra unprotected
shell on the console would be the way to go.
This one works and keeps working, and thus we found out that killing
syslogd makes the machine respond again!
OK, so it is syslogd.
"strace" tells us that syslogd keeps running round a "recvfrom
(21,......)" where 21 is a socket - but netstat does not show any socket
with the same number :-(
The other thing is: if we start syslogd without "-r", the problem seems
not to occur. The strange thing is, however, that this machine does not
receive any syslog messages! (and it is firewalled so port 514 will not
come through anyway).
Just before becoming non-responsive, the syslogd logs a "sendto:
Connection refused". That could be right, since /etc/syslog.conf ends
with a line that says
*.* @192.168.then.some
and then.some is switched off sometimes. But then, hey, this should not
stop a machine from working, should it? (Eh, if syslogd were to be a
remote power switch, it's a weird one).
I'm not sure what to do next. Anyone comment on this? Oh, I ran a
tcpdump on the network while this syslog was non responsive and I
couldn't find any UDP 514 traffic, nor any ARP requests for "then.some".
"Help!" - now what's next?
Best regards,
Valentijn
--
Valentijn Sessink - valentyn@nospam.openoffice.nl
-
No one can yet predict what future archaeologists may
find in Redmond. - John Pancharian, LinuxWorld
Reply to: