From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2) Gecko/20021126 Description of problem: There seems to be no way (short of fixing the source code and recompiling the package) to get syslog to NOT strip the domain name from source host names when that domain name matches the syslog-host's domain name. For example, even without the '-s' option on the syslogd command-line, if a host's name is: host.foo.com ...then any message logged from a source IP address that has a PTR record pointing to something else in foo.com will have the domain stripped. Ie a message from logger.foo.com get's logged as having been sent by 'logger' (without the 'foo.com'). That's wrong, according to syslog's manual page, according to how it behaves on other *nix platforms, and according to my personal needs. :-) I need to be able to see a fully-qualified domain name. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Start syslogd with -r. 2. Log a message from another server (one with a fully-qualified PTR record pointing to a name in the same domain as the log host). (Kiwi Sysloggen can be used for this.) 3. Check the log files - the parent domain will have been stripped from the host field of the message. Very frustrating. Actual Results: Domain is stripped. Expected Results: Domain should not be stripped unless it is explicitely requested with -s. Additional info: Seems to depend on the host name as reflected by /etc/hosts entries. If you make it unqualified for the first name that matches the address that syslogd is listening on, then it stops stripping the domain names. That seems broken.
Sorry for the delay in getting to this bug - this one seems to have slipped through the cracks. I think it is a reasonable default to strip the local domain from remote logging host names, and now people are used to it, so it will be retained as the default. But there should be way of disabling all domain name stripping if desired, without having to put your local host address as an unqualified name in /etc/hosts (and putting "files" before "dns" in nsswitch.conf). The next version of syslogd will accept a "-s ''" option meaning to strip NO domain names, including the local host - you could then put this option the in the SYSLOGD_OPTIONS variable in /etc/sysconfig/syslog to disable ALL domain name stripping. And perhaps the local domain to be stripped by default should be that from getdomainname(3) rather than whatever follows the first '.' in the local host name. This bug is really an enhancement request and will be fixed shortly in a forthcoming Fedora / Rawhide release .
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still running Red Hat Linux, you are strongly advised to upgrade to a current Fedora Core release or Red Hat Enterprise Linux or comparable. Some information on which option may be right for you is available at http://www.redhat.com/rhel/migrate/redhatlinux/. Red Hat apologizes that these issues have not been resolved yet. We do want to make sure that no important bugs slip through the cracks. Please check if this issue is still present in a current Fedora Core release. If so, please change the product and version to match, and check the box indicating that the requested information has been provided. Note that any bug still open against Red Hat Linux on will be closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still running Red Hat Linux, you are strongly advised to upgrade to a current Fedora Core release or Red Hat Enterprise Linux or comparable. Some information on which option may be right for you is available at http://www.redhat.com/rhel/migrate/redhatlinux/. Closing as CANTFIX.