Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] postfix - log file
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Joseph_sys
Advocate
Advocate


Joined: 08 Jun 2004
Posts: 2571
Location: Edmonton, AB

PostPosted: Thu May 24, 2012 5:16 am    Post subject: [SOLVED] postfix - log file Reply with quote

Where is the posftix log file define?
I'm using syslog-ng and see there:
...
destination messages { file("/var/log/messages"); };
...

but I don't see any log file in /var/log/maillog or mail.
_________________
#Thelma


Last edited by Joseph_sys on Thu May 24, 2012 7:02 pm; edited 1 time in total
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6347
Location: /usr/lib64/lv2

PostPosted: Thu May 24, 2012 1:53 pm    Post subject: Reply with quote

You want to emerge syslog-ng with the "hardened" use flag. Syslog-ng will then produce individual logs for everything in /var/log. You'll be able to find your mail (postfix) messages in /var/log/mail.

See the postfix link in my sig for more detailed information.
_________________
Gentoo Studio: A Gentoo-based, professional digital audio workstation OS.
Back to top
View user's profile Send private message
darkphader
Veteran
Veteran


Joined: 09 May 2002
Posts: 1199
Location: Motown

PostPosted: Thu May 24, 2012 3:52 pm    Post subject: Reply with quote

audiodef wrote:
You want to emerge syslog-ng with the "hardened" use flag.

Didn't even know about this. There's no mention in the ufed output.
However, I customized my syslog organization some time ago:
Code:
destination messages { file("/var/log/messages"); };
destination d_cron { file("/var/log/detail/cron.log"); };
destination d_mail { file("/var/log/mail/maillog.log"); };
destination d_mailinfo { file("/var/log/mail/mailinfo.log"); };
destination d_mailwarn { file("/var/log/mail/mailwarn.log"); };
destination d_mailerr { file("/var/log/mail/mailerr.log"); };
destination d_mailreject { file("/var/log/mail/mailreject.log"); };
destination d_fetchmail { file("/var/log/mail/fetchmail.log"); };
destination d_local6 { file("/var/log/mail/imapd.log"); };
destination d_ntp { file("/var/log/detail/ntp.log"); };
destination d_router { file("/var/log/detail/router.log"); };
destination d_auth { file("/var/log/detail/auth.log"); };
destination d_named { file("/var/log/detail/named.log"); };
destination d_unbound { file("/var/log/detail/unbound.log"); };
destination d_nsd { file("/var/log/detail/nsd.log"); };
destination d_daemon { file("/var/log/detail/daemon.log"); };
destination d_kern { file("/var/log/detail/kern.log"); };
destination d_clamupdate { file("/var/log/detail/freshclam.log"); };
destination d_user { file("/var/log/detail/user.log"); };
destination d_dhcpd { file("/var/log/detail/dhcpd.log"); };
destination d_slapd { file("/var/log/detail/slapd.log"); };
destination d_cupsd { file("/var/log/cups/cupsd.log"); };
destination d_server { file("/var/log/detail/server.log"); };
destination d_wap { file("/var/log/detail/wap.log"); };
destination d_rsync { file("/var/log/detail/rsync.log"); };
destination d_kerberos { file("/var/log/detail/kerberos.log"); };
destination d_samba { file("/var/log/samba/audit.log"); };
destination console_all { file("/dev/tty12"); };

filter f_mail { facility(mail); };
filter f_cron { facility(cron); };
filter f_clamupdate { program(freshclam); };
filter f_ntp { program(ntpd); };
filter f_fetchmail { program(fetchmail); };
filter f_local3 { facility(local3); };
filter f_local4 { facility(local4); };
filter f_local5 { facility(local5); };
filter f_local6 { facility(local6); };
filter f_local7 { facility(local7); };
filter f_server { host("sserver"); };
filter f_router { host("stargate"); };
filter f_wap { host("wap"); };
filter f_info { level(info); };
filter f_notice { level(notice); };
filter f_warn { level(warn); };
filter f_crit { level(crit); };
filter f_err { level(err); };
filter f_wce { level(warn, crit, err); };
filter f_reject { match("keyword" value("reject")); };
filter f_named { program(named); };
filter f_unbound { program(unbound); };
filter f_nsd { program(nsd); };
filter f_cupsd { program(cupsd); };
filter f_dhcpd { program(dhcpd); };
filter f_slapd { program(slapd); };
filter f_rsync { program(rsync); };
filter f_auth { facility(auth); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_user { facility(user); };

log { source(s_udp); filter(f_server); destination(d_server); };
log { source(s_udp); filter(f_router); destination(d_router); };
log { source(s_udp); filter(f_wap); destination(d_wap); };
log { source(src); filter(f_fetchmail); filter(f_fetchmail); destination(d_fetchmail); flags(); };
log { source(src); filter(f_mail); filter(f_reject); destination(d_mailreject); };
log { source(src); filter(f_mail); filter(f_info); destination(d_mailinfo); };
log { source(src); filter(f_mail); filter(f_warn); destination(d_mailwarn); };
log { source(src); filter(f_mail); filter(f_err); destination(d_mailerr); };
log { source(src); filter(f_mail); destination(d_mail); flags(); };
log { source(src); filter(f_clamupdate); destination(d_clamupdate); flags(); };
log { source(src); filter(f_local3); destination(d_samba); flags(final); };
log { source(src); filter(f_local5); destination(d_kerberos); flags(); };
log { source(src); filter(f_local6); destination(d_local6); flags(); };
log { source(src); filter(f_local4); filter(f_dhcpd); destination(d_dhcpd); flags(); };
log { source(src); filter(f_local4); filter(f_slapd); destination(d_slapd); flags(); };
log { source(src); filter(f_cupsd); destination(d_cupsd); flags(); };
log { source(src); filter(f_rsync); destination(d_rsync); flags(); };
log { source(src); filter(f_cron); destination(d_cron); flags(); };
log { source(src); filter(f_ntp); destination(d_ntp); flags(); };
log { source(src); filter(f_named); destination(d_named); flags(final); };
log { source(src); filter(f_unbound); destination(d_unbound); flags(final); };
log { source(src); filter(f_nsd); destination(d_nsd); flags(); };
log { source(src); filter(f_auth); destination(d_auth); };
log { source(src); filter(f_daemon); destination(d_daemon); };
log { source(src); filter(f_kern); destination(d_kern); };
log { source(src); filter(f_user); destination(d_user); };
log { source(src); destination(messages); };
log { source(src); destination(console_all); };
May need some cleanup but has been working for years.

Chris
_________________
WYSIWYG - What You See Is What You Grep
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6347
Location: /usr/lib64/lv2

PostPosted: Thu May 24, 2012 10:15 pm    Post subject: Reply with quote

darkphader wrote:
audiodef wrote:
You want to emerge syslog-ng with the "hardened" use flag.

Didn't even know about this. There's no mention in the ufed output.


If you mean eix or emerge -p syslog-ng output, "hardened" should be there.

Of course, using hardened doesn't mean you can't still customize your logs.
_________________
Gentoo Studio: A Gentoo-based, professional digital audio workstation OS.
Back to top
View user's profile Send private message
darkphader
Veteran
Veteran


Joined: 09 May 2002
Posts: 1199
Location: Motown

PostPosted: Thu May 24, 2012 10:34 pm    Post subject: Reply with quote

audiodef wrote:
If you mean eix or emerge -p syslog-ng output, "hardened" should be there.
Of course, using hardened doesn't mean you can't still customize your logs.

No, I mean ufed from app-portage/ufed. Yes the flag is clearly shown with an emerge -pv but it doesn't explain the meaning. Ufed is nice in that it lists most of the flags and what they do and can even be used to edit them although I generally directly edit make.conf. However even ufed doesn't explain the meaning of hardened for syslog-ng.
_________________
WYSIWYG - What You See Is What You Grep
Back to top
View user's profile Send private message
cach0rr0
Bodhisattva
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas

PostPosted: Fri May 25, 2012 8:12 am    Post subject: Reply with quote

darkphader wrote:
audiodef wrote:
If you mean eix or emerge -p syslog-ng output, "hardened" should be there.
Of course, using hardened doesn't mean you can't still customize your logs.

No, I mean ufed from app-portage/ufed. Yes the flag is clearly shown with an emerge -pv but it doesn't explain the meaning. Ufed is nice in that it lists most of the flags and what they do and can even be used to edit them although I generally directly edit make.conf. However even ufed doesn't explain the meaning of hardened for syslog-ng.


blind guess - does ufed work by parsing/caching/whatever metadata.xml?

because there's no hardened entry in metadata.xml for syslog-ng

could explain it
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6347
Location: /usr/lib64/lv2

PostPosted: Fri May 25, 2012 12:46 pm    Post subject: Reply with quote

I see what you mean about hardened in ufed now. I think cach0rr0 nailed the problem.
_________________
Gentoo Studio: A Gentoo-based, professional digital audio workstation OS.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum