Bug 210057

Summary:	LTP 20060918 breaks sysklog
Product:	[Fedora] Fedora	Reporter:	Michal Piotrowski <michal.k.k.piotrowski>
Component:	sysklogd	Assignee:	Peter Vrabec <pvrabec>
Status:	CLOSED NOTABUG	QA Contact:	Brian Brock <bbrock>
Severity:	high	Docs Contact:
Priority:	medium
Version:	6
Target Milestone:	---
Target Release:	---
Hardware:	i386
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2006-11-13 10:53:50 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Michal Piotrowski 2006-10-09 19:23:48 UTC

Description of problem:
After running Linux Test Project 20060918
(http://prdownloads.sourceforge.net/ltp/ltp-full-20060918.tgz?download) sysklogd
doesn't work anymore.

Oct  9 18:44:18 euridica kernel: warning: process `sysctl03' used the removed
sysctl system call
Oct  9 18:44:18 euridica kernel: warning: process `sysctl03' used the removed
sysctl system call
Oct  9 18:44:19 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:19 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:20 euridica exiting on signal 15
Oct  9 18:44:25 euridica syslogd 1.4.1: restart.
Oct  9 18:44:25 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:25 euridica kernel: audit(1160412265.935:8): avc:  denied  { write
} for  pid=15318 co
mm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=use
r_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:25 euridica kernel: audit(1160412265.935:9): avc:  denied  { read
append } for  pid=15
318 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tconte
xt=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:25 euridica kernel: audit(1160412265.977:10): avc:  denied  { write
} for  pid=15321 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:25 euridica kernel: audit(1160412265.977:11): avc:  denied  { read
append } for  pid=1
5321 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:28 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:28 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:29 euridica exiting on signal 15
Oct  9 18:44:29 euridica syslogd 1.4.1: restart.
Oct  9 18:44:29 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:29 euridica kernel: audit(1160412269.493:12): avc:  denied  { write
} for  pid=15348 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:29 euridica kernel: audit(1160412269.493:13): avc:  denied  { read
append } for  pid=1
5348 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:29 euridica kernel: audit(1160412269.514:14): avc:  denied  { write
} for  pid=15351 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:29 euridica kernel: audit(1160412269.514:15): avc:  denied  { read
append } for  pid=1
5351 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:33 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:33 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:34 euridica exiting on signal 15
Oct  9 18:44:34 euridica syslogd 1.4.1: restart.
Oct  9 18:44:34 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:34 euridica kernel: audit(1160412274.956:16): avc:  denied  { write
} for  pid=15377 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:34 euridica kernel: audit(1160412274.956:17): avc:  denied  { read
append } for  pid=1
5377 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:34 euridica kernel: audit(1160412274.978:18): avc:  denied  { write
} for  pid=15380 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:34 euridica kernel: audit(1160412274.978:19): avc:  denied  { read
append } for  pid=1
5380 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:39 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:39 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:40 euridica exiting on signal 15
Oct  9 18:44:40 euridica syslogd 1.4.1: restart.
Oct  9 18:44:40 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:40 euridica kernel: audit(1160412280.458:20): avc:  denied  { write
} for  pid=15404 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:40 euridica kernel: audit(1160412280.458:21): avc:  denied  { read
append } for  pid=1
5404 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:40 euridica kernel: audit(1160412280.478:22): avc:  denied  { write
} for  pid=15407 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:40 euridica kernel: audit(1160412280.479:23): avc:  denied  { read
append } for  pid=1
5407 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:44 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:44 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:45 euridica exiting on signal 15
Oct  9 18:44:45 euridica syslogd 1.4.1: restart.
Oct  9 18:44:45 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:45 euridica kernel: audit(1160412285.869:24): avc:  denied  { write
} for  pid=15431 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:45 euridica kernel: audit(1160412285.869:25): avc:  denied  { read
append } for  pid=1
5431 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:45 euridica kernel: audit(1160412285.890:26): avc:  denied  { write
} for  pid=15434 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:45 euridica kernel: audit(1160412285.890:27): avc:  denied  { read
append } for  pid=1
5434 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:50 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:50 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:51 euridica exiting on signal 15
Oct  9 18:44:51 euridica syslogd 1.4.1: restart.
Oct  9 18:44:51 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:51 euridica kernel: audit(1160412291.288:28): avc:  denied  { write
} for  pid=15458 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:51 euridica kernel: audit(1160412291.288:29): avc:  denied  { read
append } for  pid=1
5458 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:51 euridica kernel: audit(1160412291.314:30): avc:  denied  { write
} for  pid=15461 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:51 euridica kernel: audit(1160412291.314:31): avc:  denied  { read
append } for  pid=1
5461 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:55 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:44:55 euridica kernel: Kernel log daemon terminating.
Oct  9 18:44:56 euridica exiting on signal 15
Oct  9 18:44:56 euridica syslogd 1.4.1: restart.
Oct  9 18:44:56 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:44:56 euridica kernel: audit(1160412296.703:32): avc:  denied  { write
} for  pid=15485 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:56 euridica kernel: audit(1160412296.704:33): avc:  denied  { read
append } for  pid=1
5485 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:44:56 euridica kernel: audit(1160412296.725:34): avc:  denied  { write
} for  pid=15488 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:44:56 euridica kernel: audit(1160412296.725:35): avc:  denied  { read
append } for  pid=1
5488 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:00 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:00 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:01 euridica exiting on signal 15
Oct  9 18:45:02 euridica syslogd 1.4.1: restart.
Oct  9 18:45:02 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:45:02 euridica kernel: audit(1160412302.108:36): avc:  denied  { write
} for  pid=15513 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:02 euridica kernel: audit(1160412302.108:37): avc:  denied  { read
append } for  pid=1
5513 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:02 euridica kernel: audit(1160412302.129:38): avc:  denied  { write
} for  pid=15516 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:02 euridica kernel: audit(1160412302.129:39): avc:  denied  { read
append } for  pid=1
5516 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:06 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:06 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:07 euridica exiting on signal 15
Oct  9 18:45:07 euridica syslogd 1.4.1: restart.
Oct  9 18:45:07 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:45:07 euridica kernel: audit(1160412307.521:40): avc:  denied  { write
} for  pid=15541 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:07 euridica kernel: audit(1160412307.521:41): avc:  denied  { read
append } for  pid=1
5541 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:07 euridica kernel: audit(1160412307.546:42): avc:  denied  { write
} for  pid=15544 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:07 euridica kernel: audit(1160412307.546:43): avc:  denied  { read
append } for  pid=1
5544 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:11 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:11 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:12 euridica exiting on signal 15
Oct  9 18:45:12 euridica syslogd 1.4.1: restart.
Oct  9 18:45:12 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:45:12 euridica kernel: audit(1160412312.938:44): avc:  denied  { write
} for  pid=15570 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:12 euridica kernel: audit(1160412312.939:45): avc:  denied  { read
append } for  pid=1
5570 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:12 euridica kernel: audit(1160412312.959:46): avc:  denied  { write
} for  pid=15573 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:12 euridica kernel: audit(1160412312.959:47): avc:  denied  { read
append } for  pid=1
5573 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:15 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:15 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:16 euridica exiting on signal 15
Oct  9 18:45:16 euridica SYSLOG_CASE3[15604]: syslogtst: daemon info test.
Oct  9 18:45:19 euridica syslogd 1.4.1: restart.
Oct  9 18:45:19 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:45:19 euridica kernel: audit(1160412319.737:52): avc:  denied  { write
} for  pid=15624 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:19 euridica kernel: audit(1160412319.738:53): avc:  denied  { read
append } for  pid=1
5624 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:19 euridica kernel: audit(1160412319.763:54): avc:  denied  { write
} for  pid=15627 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:19 euridica kernel: audit(1160412319.763:55): avc:  denied  { read
append } for  pid=1
5627 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:21 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:21 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:23 euridica exiting on signal 15
Oct  9 18:45:25 euridica log_pid_test[15660]: syslogtst: user info test.
Oct  9 18:45:28 euridica syslogd 1.4.1: restart.
Oct  9 18:45:28 euridica kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct  9 18:45:28 euridica kernel: audit(1160412328.565:60): avc:  denied  { write
} for  pid=15678 c
omm="syslogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:syslogd_t:s0 tcontext=us
er_u:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:28 euridica kernel: audit(1160412328.565:61): avc:  denied  { read
append } for  pid=1
5678 comm="syslogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:syslogd_t:s0 tcont
ext=user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:28 euridica kernel: audit(1160412328.591:62): avc:  denied  { write
} for  pid=15681 c
omm="klogd" name="[27851]" dev=pipefs ino=27851
scontext=user_u:system_r:klogd_t:s0 tcontext=user_u
:system_r:unconfined_t:s0 tclass=fifo_file
Oct  9 18:45:28 euridica kernel: audit(1160412328.591:63): avc:  denied  { read
append } for  pid=1
5681 comm="klogd" name="ltp.log" dev=sda1 ino=3679471
scontext=user_u:system_r:klogd_t:s0 tcontext=
user_u:object_r:usr_t:s0 tclass=file
Oct  9 18:45:30 euridica kernel: Kernel logging (proc) stopped.
Oct  9 18:45:30 euridica kernel: Kernel log daemon terminating.
Oct  9 18:45:31 euridica exiting on signal 15
Oct  9 18:45:44 euridica log_cons_test: syslogtst: info to console test.
Oct  9 18:46:10 euridica syslogtst: syslogtst: emergency log
Oct  9 18:46:10 euridica syslogtst: syslogtst: alert log
Oct  9 18:46:10 euridica syslogtst: syslogtst: critical log
Oct  9 18:46:10 euridica syslogtst: syslogtst: error log
Oct  9 18:46:10 euridica syslogtst: syslogtst: warning log
Oct  9 18:46:10 euridica syslogtst: syslogtst: notice log
Oct  9 18:46:10 euridica syslogtst: syslogtst: info log
Oct  9 18:46:10 euridica syslogtst: syslogtst: debug log
Oct  9 18:46:19 euridica syslogtst: syslogtst: user info test.
Oct  9 18:46:25 euridica syslogtst: syslogtst: mail info test.
Oct  9 18:46:30 euridica syslogtst: syslogtst: daemon info test.
Oct  9 18:46:35 euridica syslogtst: syslogtst: auth info test.
Oct  9 18:46:41 euridica syslogtst: syslogtst: lpr info test.
Oct  9 18:46:50 euridica syslogtst: syslogtst: error level is logged
Oct  9 18:46:59 euridica syslogtst: syslogtst:10 error level is logged

Version-Release number of selected component (if applicable):
rpm -qa sysklogd
sysklogd-1.4.1-39.2

How reproducible:
Run syslog tests in LTP

cat /etc/sysconfig/syslog 
# Options to syslogd
# -m 0 disables 'MARK' messages.
# -r enables logging from remote machines
# -x disables DNS lookups on messages recieved with -r
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-m 0"
# Options to klogd
# -2 prints all kernel oops messages twice; once for klogd to decode, and
#    once for processing with 'ksymoops'
# -x disables all klogd processing of oops messages entirely
# See klogd(8) for more details
KLOGD_OPTIONS="-x"
#
SYSLOG_UMASK=077
# set this to a umask value to use for all log files as in umask(1).
# By default, all permissions are removed for "group" and "other". 

cat /etc/syslog.conf 
user.info        /var/log/messages

Comment 1 Peter Vrabec 2006-11-09 12:27:20 UTC

/etc/syslog.conf isn't restored properly after these tests. Could you fix it 
at first.

$ cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

Comment 2 Peter Vrabec 2006-11-10 09:03:45 UTC

Does it help?

Comment 3 Michal Piotrowski 2006-11-10 15:23:59 UTC

Yes, it does. Thanks.

"/etc/syslog.conf isn't restored properly after these tests."

Is it sysklogd problem or LTP bug?

Regards,
Michal

Comment 4 Peter Vrabec 2006-11-13 10:53:50 UTC

It's LTP bug.