FS#26887 - syslog-ng.conf should use unix-stream() for greater reliability
Attached to Project:
Arch Linux
Opened by Kerin Millar (kerframil) - Monday, 14 November 2011, 16:45 GMT
Last edited by Dave Reisner (falconindy) - Monday, 14 November 2011, 18:43 GMT
Opened by Kerin Millar (kerframil) - Monday, 14 November 2011, 16:45 GMT
Last edited by Dave Reisner (falconindy) - Monday, 14 November 2011, 18:43 GMT
|
Details
The default syslog-ng.conf file in Arch currently makes use
of the unix-dgram() option to follow /dev/log.
Unfortunately, as mentioned in Chapter 9.1.7 of the official
Administrator Guide, this approach is sub-optimal in Linux
and may lead to lost messages. I quote:-
"These two drivers behave similarly: they open the given AF_UNIX socket and start listening on it for messages. unix-stream() is primarily used on Linux and uses SOCK_STREAM semantics (connection oriented, no messages are lost); while unix-dgram() is used on BSDs and uses SOCK_DGRAM semantics: this may result in lost local messages if the system is overloaded." Please rectify this by adjusting line #21 to use unix-stream(), like so:- unix-stream("/dev/log"); |
This task depends upon
Closed by Dave Reisner (falconindy)
Monday, 14 November 2011, 18:43 GMT
Reason for closing: Not a bug
Additional comments about closing: See comments
Monday, 14 November 2011, 18:43 GMT
Reason for closing: Not a bug
Additional comments about closing: See comments
FS#22153where I personally proposed that we change to a UDP socket.Additionally, see unix(7) where datagram based AF_UNIX sockets are described as an in-order, lossless transmission (unlike UDP over INET).