Description of problem:
During debugging a host with running syslog-ng I found that the RHL 7.3 standard
installation with sysklogd and postfix also has this issue.

If sysklogd is restarted, postfix's chroot'ed smtpd lost its log unix socket,
resulting that many information will no longer be logged.

Version-Release number of selected component (if applicable):
postfix-1.1.7-2
sysklogd-1.4.1-8


How reproducible:
Always

Steps to Reproduce:
1.Start ssklogd and postfix
2.Monitor /var/log/maillog
3.Connect from outside to host, deliver an e-mail (but connect is enough)
4.Restart sysklogd

    

Actual Results:  No longer logging of smtpd and nqmgr in some cases

Expected Results:  Still logging further on

Additional info:

Fix (todo: adjust postfix spec file)
# mkdir -p 755 /var/spool/postfix/dev

Specify extra log socket for now
--- /etc/sysconfig/syslog.orig  Wed Feb 12 07:39:41 2003
+++ /etc/sysconfig/syslog       Wed Feb 12 07:48:28 2003
@@ -3,7 +3,7 @@
 # -r enables logging from remote machines
 # -x disables DNS lookups on messages recieved with -r
 # See syslogd(8) for more details
-SYSLOGD_OPTIONS="-m 0"
+SYSLOGD_OPTIONS="-m 0 -a /var/spool/postfix/dev/log"
 # Options to klogd
 # -2 prints all kernel oops messages twice; once for klogd to decode, and
 #    once for processing with 'ksymoops'


Perhaps more intelligence is required whether postfix is installed or not, so it
would be better to check this in syslog-initscript like
if [ -d /var/spool/postfix/dev ]; then
 SYSLOGD_OPTIONS="$SYSLOGD_OPTIONS -a /var/spool/postfix/dev/log"
fi

I've set severtiy to "security" because unexpected loose of loglines is imho a
security issue.