Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Prevent cron from flooding messages
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Tue Jan 05, 2016 8:31 am    Post subject: Prevent cron from flooding messages Reply with quote

Hi, folks.
I just updated my system and made a revision to my syslog-ng config. Now I have unwanted events from cron executing stuff allover the log. Since I have often tasks, it became very difficult to find anything valuable in log. Here is my syslog-ng.conf
Code:

#
# Syslog-ng default configuration file for Gentoo Linux

# https://bugs.gentoo.org/show_bug.cgi?id=426814
@include "scl.conf"

options {
        threaded(yes);
        chain_hostnames(no);

        # The default action of syslog-ng is to log a STATS line
        # to the file every 10 minutes.  That's pretty ugly after a while.
        # Change it to every 12 hours so you get a nice daily update of
        # how many messages syslog-ng missed (0).
        stats_freq(43200);
        # The default action of syslog-ng is to log a MARK line
        # to the file every 20 minutes.  That's seems high for most
        # people so turn it down to once an hour.  Set it to zero
        # if you don't want the functionality at all.
        mark_freq(3600);
};

source src
{
    system();
    internal();
};

filter dhcpd { program("dhcpd"); };
filter ntpd { program("ntpd"); };
filter hostapd { program("hostapd"); };
filter messages
{
    not program("dhcpd")
    and not program("ntpd")
    and not program("hostapd")
#    and (facility(cron) and level(warn..emerg))
};

destination messages { file("/var/log/messages"); };
destination console_all { file("/dev/tty12"); };
destination dhcpd { file("/var/log/dhcpd.log"); };
destination ntpd { file("/var/log/ntpd.log"); };
destination hostapd { file("/var/log/hostapd.log"); };

log { source(src); filter(messages); destination(messages); };
log { source(src); filter(dhcpd); destination(dhcpd); };
log { source(src); filter(ntpd); destination(ntpd); };
log { source(src); filter(hostapd); destination(hostapd); };
log { source(src); destination(console_all); };


The crontab looks like this:
Code:

# for cronie
# $Id$

# Global variables
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# check scripts in cron.hourly, cron.daily, cron.weekly and cron.monthly
# if anacron is not present
59  *  * * *    root    [ ! -x /etc/cron.hourly/0anacron ] && rm -f /var/spool/cron/lastrun/cron.hourly
9  3  * * *     root    [ ! -x /etc/cron.hourly/0anacron ] && rm -f /var/spool/cron/lastrun/cron.daily
19 4  * * 6     root    [ ! -x /etc/cron.hourly/0anacron ] && rm -f /var/spool/cron/lastrun/cron.weekly
29 5  1 * *     root    [ ! -x /etc/cron.hourly/0anacron ] && rm -f /var/spool/cron/lastrun/cron.monthly
*/10  *  * * *  root    [ ! -x /etc/cron.hourly/0anacron ] && { test -x /usr/sbin/run-crons && /usr/sbin/run-crons ; }

*/2   *  * * *  root    /root/rrd/rrd-ping-yandex.sh >/dev/null 2>&1
*/2   *  * * *  root    /root/rrd/rrd-ping-ptp.sh >/dev/null 2>&1
*/5   *  * * *  root    /root/rrd/graph-ping.s >/dev/null 2>&1


And here is some lines from /var/log/messages
Code:

Jan  5 11:20:01 cux CROND[23079]: (root) CMD ([ ! -x /etc/cron.hourly/0anacron ] && { test -x /usr/sbin/run-crons && /usr/sbin/run-crons ; })
Jan  5 11:22:01 cux CROND[23102]: (root) CMD (   /root/rrd/rrd-ping-ptp.sh >/dev/null 2>&1)
Jan  5 11:22:01 cux CROND[23103]: (root) CMD (   /root/rrd/rrd-ping-yandex.sh >/dev/null 2>&1)
Jan  5 11:24:01 cux CROND[23124]: (root) CMD (   /root/rrd/rrd-ping-ptp.sh >/dev/null 2>&1)
Jan  5 11:24:01 cux CROND[23125]: (root) CMD (   /root/rrd/rrd-ping-yandex.sh >/dev/null 2>&1)
Jan  5 11:25:01 cux CROND[23145]: (root) CMD (   /root/rrd/graph-ping.s >/dev/null 2>&1)
Jan  5 11:26:01 cux CROND[23154]: (root) CMD (   /root/rrd/rrd-ping-ptp.sh >/dev/null 2>&1)
Jan  5 11:26:01 cux CROND[23155]: (root) CMD (   /root/rrd/rrd-ping-yandex.sh >/dev/null 2>&1)


So. I want to prevent logging of successful lunches of crontab events, but failed even specifying filter for messages.
I'm using cronie and had vixie-cron before - all is same. I know there are crons, that allow to specify the loglevel directly, but I don't know exactly.
Any ideas?
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue Jan 05, 2016 9:52 am    Post subject: Re: Prevent cron from flooding messages Reply with quote

cz0 ... I have the following:

/etc/syslog-ng/syslog-ng.conf:
filter f_messages { level(info..warn)
   and not facility(auth, authpriv, mail, news, cron); };
[...]
destination messages { file("/var/log/messages"); };
[...]
log { source(src); filter(f_messages); destination(messages); };

... the key part of which is the 'not facility' ... so, you can use a similar method to that provided in your syslog-ng to filter ('not') dhcpd, ntpd, etc, (untested).

Code:
# Syslog-ng default configuration file for Gentoo Linux

# https://bugs.gentoo.org/show_bug.cgi?id=426814
@include "scl.conf"

options {
        threaded(yes);
        chain_hostnames(no);

        # The default action of syslog-ng is to log a STATS line
        # to the file every 10 minutes.  That's pretty ugly after a while.
        # Change it to every 12 hours so you get a nice daily update of
        # how many messages syslog-ng missed (0).
        stats_freq(43200);
        # The default action of syslog-ng is to log a MARK line
        # to the file every 20 minutes.  That's seems high for most
        # people so turn it down to once an hour.  Set it to zero
        # if you don't want the functionality at all.
        mark_freq(3600);
};

source src
{
    system();
    internal();
};

filter dhcpd { program("dhcpd"); };
filter ntpd { program("ntpd"); };
filter hostapd { program("hostapd"); };
filter cron { program("cronie"); };
filter messages
{
    not program("dhcpd")
    and not program("ntpd")
    and not program("hostapd")
    and not program("cronie")
#    and (facility(cron) and level(warn..emerg))
};

destination messages { file("/var/log/messages"); };
destination console_all { file("/dev/tty12"); };
destination dhcpd { file("/var/log/dhcpd.log"); };
destination ntpd { file("/var/log/ntpd.log"); };
destination hostapd { file("/var/log/hostapd.log"); };
destination cron { file("/var/log/cron.log"); };

log { source(src); filter(messages); destination(messages); };
log { source(src); filter(dhcpd); destination(dhcpd); };
log { source(src); filter(ntpd); destination(ntpd); };
log { source(src); filter(hostapd); destination(hostapd); };
log { source(src); destination(console_all); };

HTH & best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Tue Jan 05, 2016 1:04 pm    Post subject: Re: Prevent cron from flooding messages Reply with quote

khayyam wrote:
cz0 ... I have the following:

/etc/syslog-ng/syslog-ng.conf:
filter f_messages { level(info..warn)
   and not facility(auth, authpriv, mail, news, cron); };
[...]
destination messages { file("/var/log/messages"); };
[...]
log { source(src); filter(f_messages); destination(messages); };

... the key part of which is the 'not facility' ... so, you can use a similar method to that provided in your syslog-ng to filter ('not') dhcpd, ntpd, etc, (untested).

Well, it is half of the story, actually. I don't want to mute cron completely, I still want to see errors if something goes wrong to en executed task (non zero return code). AFAIR the "not facility(cron)" will drop all messages from cron.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue Jan 05, 2016 4:27 pm    Post subject: Re: Prevent cron from flooding messages Reply with quote

cz0 wrote:
Well, it is half of the story, actually. I don't want to mute cron completely, I still want to see errors if something goes wrong to en executed task (non zero return code). AFAIR the "not facility(cron)" will drop all messages from cron.

cz0 ... actually, I'm logging cron to its own logfile, but nevermind. In your case I'd assume the level would be 'notice' or 'warn', probably the latter (basically, not 'info'), so, you could do something like the following for example:

/etc/syslog-ng/syslog-ng.conf:
filter cron { program("cronie"); level(warn) ; };

HTH & best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Tue Jan 05, 2016 6:57 pm    Post subject: Reply with quote

It seems that this not a syslog-ng problem. It looks like cronie doesn't return proper exit code of the job. It ether show all, or show nothing regardless the result of the job. I have a couple of scripts: one always return 0 and another non-zero code (due to simulated fail). And the both appear and disappear from log at the same time depending if I specify level (info..emerg) or level(warn..emerg). Seems like all the diagnostics from cronie passed to the syslog at level info.
Back to top
View user's profile Send private message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3648
Location: Hamburg

PostPosted: Tue Jan 05, 2016 7:06 pm    Post subject: Reply with quote

cron itself just returns whether a job could be started or not AFAIK - the job itself is responsible for its exits code independently.
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Tue Jan 05, 2016 8:31 pm    Post subject: Reply with quote

It seems to be there are some implementations that handle return codes rather then simply command path and output:
Code:

  # Or, to log standard messages, plus jobs with exit status != 0:
  # EXTRA_OPTS='-L 5'
  #
  # For quick reference, the currently available log levels are:
  #   0   no logging (errors are logged regardless)
  #   1   log start of jobs
  #   2   log end of jobs
  #   4   log jobs with exit status != 0
  #   8   log the process identifier of child process (in all logs)
  #
  EXTRA_OPTS="-L 0"

Mentioned here. But I wasn't able to figure out the particular name of the cron.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue Jan 05, 2016 9:15 pm    Post subject: Reply with quote

cz0 wrote:
Mentioned here. But I wasn't able to figure out the particular name of the cron.

cz0 ... as the subject is debian squeeze ... its probably sys-process/bcron.

best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Wed Jan 06, 2016 8:50 am    Post subject: Reply with quote

khayyam wrote:

cz0 ... as the subject is debian squeeze ... its probably sys-process/bcron.

Unfortunately not the case. I emerged bcron and went through all it's executables and non of them providing that option.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Wed Jan 06, 2016 9:18 am    Post subject: Reply with quote

cz0 wrote:
khayyam wrote:
cz0 ... as the subject is debian squeeze ... its probably sys-process/bcron.

Unfortunately not the case. I emerged bcron and went through all it's executables and non of them providing that option.

cz0 ... well, that is what the link says is the case for squeeze, "Packages providing cron: bcron-run", and it says the same for wheezy, jessie, stretch, and sid. Though from this link it seems 'bcron' and 'bcron-run' are different packages ... I'd suggest looking at the sources.

best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Thu Jan 07, 2016 11:01 am    Post subject: Reply with quote

I installed Debian Jessie in VM to have a look and it appear to be a Vixie-cron 3.0. Well, at least man page came from a Vixie cron and binary file /usr/sbin/cron mentions Vixie. But Debian version accepts option -L, while Gentoo doesn't. Have no idea.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Thu Jan 07, 2016 12:19 pm    Post subject: Reply with quote

cz0 wrote:
I installed Debian Jessie in VM to have a look and it appear to be a Vixie-cron 3.0. Well, at least man page came from a Vixie cron and binary file /usr/sbin/cron mentions Vixie. But Debian version accepts option -L, while Gentoo doesn't. Have no idea.

cz0 ... well, its debian ... which basically maintains patches for everything ... that is why I said look at the sources, specifically the patch(es) applied.

cron_3.0pl1-124.diff:
+ * Add option to control logging (-L) with patch provided by Steve Fosdick.
+  This makes it possible to log cron job finishing if you use -L 2
+  (Closes: #271747, #318247)

best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Thu Jan 07, 2016 2:00 pm    Post subject: Reply with quote

khayyam wrote:

cz0 ... well, its debian ... which basically maintains patches for everything ... that is why I said look at the sources, specifically the patch(es) applied.

cron_3.0pl1-124.diff:
+ * Add option to control logging (-L) with patch provided by Steve Fosdick.
+  This makes it possible to log cron job finishing if you use -L 2
+  (Closes: #271747, #318247)

best ... khay

Oh... thanks! That prevented me from going through all cron implementations available. Probably, I write an ebuild with this patch and see what happen. The only thing that makes me worry is that Debian uses version 3.0, while Gentoo 4.1. At least, it's a good point to start with, I think I will be able to adopt the patch.
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Thu Jan 07, 2016 2:52 pm    Post subject: Reply with quote

Well, that patch itself seems to be mixed with dozens of other patches and it will be difficult to get it out. I wrote to the author.
Back to top
View user's profile Send private message
Tony0945
Advocate
Advocate


Joined: 25 Jul 2006
Posts: 2886
Location: Illinois, USA

PostPosted: Thu Jan 07, 2016 5:33 pm    Post subject: Reply with quote

Examples to only log error messages, amongst others:

Code:
login as: root
Using keyboard-interactive authentication.
Password:
gentoo ~ # crontab -l
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.XXXX46GFQd installed on Mon Jul  6 09:29:17 2015)
# (Cron version V5.0 -- $Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp $)
10 0 * * *    /usr/local/sbin/nightly_sync  2>>/var/log/messages
24 3 * * sun  /usr/local/bin/grabit 2>&1  >>/var/log/messages
0 18 * * mon  /usr/local/bin/getquotes >/dev/null 2>>/var/log/messages
0 18 * * wed  /usr/local/bin/getquotes >/dev/null 2>>/var/log/messages
0 18 * * fri  /usr/local/bin/getquotes >/dev/null 2>>/var/log/messages
0  1 * * *    updatedb  >/dev/null 2>>/var/log/messages
0  0 * * *    /usr/local/sbin/nightly_logrotation >>/var/log/messages
gentoo ~ #


i.e. redirect the outputs you don't want to either /dev/null or another file. The "nightly_sync" script writes normal output to it's own log.
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Thu Jan 07, 2016 7:09 pm    Post subject: Reply with quote

Tony0945 wrote:
Examples to only log error messages, amongst others:
i.e. redirect the outputs you don't want to either /dev/null or another file. The "nightly_sync" script writes normal output to it's own log.

This doesn't work. cron will log jobs starting regardless process output. I have both stdout and stderr redirected to /dev/null (see the initial post) and this has nothing to do with the cron logs.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Thu Jan 07, 2016 8:36 pm    Post subject: Reply with quote

cz0 wrote:
Well, that patch itself seems to be mixed with dozens of other patches and it will be difficult to get it out. I wrote to the author.

cz0 .... hehe, yeah, debian. I never understood why so many people gravitated toward it. Besides the almost crazy level of patching, to then take a seperate patch (as is the case above) and merge it into a unified mega-patch is just silly.

best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Tue May 17, 2016 8:11 pm    Post subject: Reply with quote

So, I wrote (actually adopted exciting Debian patch) for Gentoo vixie-cron that make it possible to select what events will be logged. Besides, I modified init script and conf.d file to set this option on vixie-cron start. And some ebuild modification as well.
What's next? How can I submit this to Gentoo to make this feature available?
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue May 17, 2016 10:59 pm    Post subject: Reply with quote

cz0 wrote:
So, I wrote (actually adopted exciting Debian patch) for Gentoo vixie-cron that make it possible to select what events will be logged. Besides, I modified init script and conf.d file to set this option on vixie-cron start. And some ebuild modification as well.
What's next? How can I submit this to Gentoo to make this feature available?

cz0 ... you would open a bug on b.g.o, providing the patch, modified ebuild, etc. However, if this patch is as it was (ie, one mega-patch) then it'll most likely be rejected.

best ... khay
Back to top
View user's profile Send private message
cz0
Apprentice
Apprentice


Joined: 13 Jun 2005
Posts: 244
Location: /earth/russia/moscow

PostPosted: Wed May 18, 2016 5:04 am    Post subject: Reply with quote

khayyam wrote:
cz0 ... you would open a bug on b.g.o, providing the patch, modified ebuild, etc. However, if this patch is as it was (ie, one mega-patch) then it'll most likely be rejected.
best ... khay

Nop. A hate this universe-sized Debian patches. A spent some unpleasant hours digging this particular out and adopting it to actual vixie-cron version. Hope, it will be accepted.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum