View previous topic :: View next topic |
Author |
Message |
Yttrium n00b
Joined: 22 Oct 2009 Posts: 29 Location: Germany
|
Posted: Mon Nov 16, 2009 11:49 pm Post subject: Completely disable logs |
|
|
Hi,
how can I completely disable logs. I mean everything: kernel logs, ssh logs, mail logs, login logs, really everything, including things I don't even know they're logged. I am using syslog-ng, I guess it's not sufficient to unmerge it.
One idea to get rid of most logs would be to mount /dev/null on /var/log. Unfortunately I am told that /dev/null is not a block device.
Of course you could prevent logs from being created, but you would have to configure every program by hand and perhaps some tools don't even have an option to disable logging. _________________ LILA - Live Iptables Log Analyzer |
|
Back to top |
|
|
01allein Tux's lil' helper
Joined: 09 Jun 2009 Posts: 127 Location: AUSTRALIA
|
Posted: Tue Nov 17, 2009 12:22 am Post subject: |
|
|
Dont you want to get logs for your system.
I mean, I guess you dont want to waste space by logs being created, Am I right? |
|
Back to top |
|
|
kardolus Tux's lil' helper
Joined: 13 Apr 2005 Posts: 120 Location: Amsterdam
|
Posted: Tue Nov 17, 2009 12:22 am Post subject: |
|
|
I do not think you can, because /var/log is a standard part of the linux system. A lot of different programs and modules put their logs in /var/log, so you would have to edit a lot of source code to stop that.
I guess you could make a script that clears your logfiles and then you could put it in your crontab.
I am curious, why do you want to disable all your logs?
PS. Usually when you install Linux it is a good idea to put /var on a separate partition so your root filesystem will not be affected when the logs get huge for some reason. _________________ Smokey, this is not 'Nam. This is bowling. There are rules.
http://twitter.com/GKardolus
Last edited by kardolus on Tue Nov 17, 2009 1:12 am; edited 1 time in total |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9838 Location: almost Mile High in the USA
|
Posted: Tue Nov 17, 2009 12:52 am Post subject: |
|
|
On my CF and Flash based systems, I symlink or make a tmpfs directory for all locations that have logs, so it saves some durability. I test the machine by running with rootfs readonly; currently I have a somewhat dated but nevertheless working CF disk with X11 using Gentoo that runs with the root disk read-only.
The problem is that not all logs are done through syslog. Some have their own facilities such as utmp/wtmp which are handled by utempter, and those that just write wantonly into /var or /etc (like /etc/mtab, and /var/spool/mail)... these you have to manually discover. _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
Yttrium n00b
Joined: 22 Oct 2009 Posts: 29 Location: Germany
|
Posted: Tue Nov 17, 2009 8:54 am Post subject: |
|
|
Hmm... I thought about the tmpfs, too. I already put my iptables logs on my personal external firewall on a tmpfs. So there's no way of mounting /dev/null or something similiar?
kardolus wrote: | I am curious, why do you want to disable all your logs? |
(playing X-Files music) Some government agencies are pursuing me. (/musik)
Seriously, it's just out of curiosity and it saves place. I never read the logs so why should they be created in the first place? (rhetorical question) _________________ LILA - Live Iptables Log Analyzer |
|
Back to top |
|
|
kardolus Tux's lil' helper
Joined: 13 Apr 2005 Posts: 120 Location: Amsterdam
|
Posted: Tue Nov 17, 2009 1:07 pm Post subject: |
|
|
You could also mount your ram disk to /var/log with something like this
Code: | rm -rf /var/log/* > /dev/null 2>&1
mke2fs -m0 /dev/ram0 > /dev/null 2>&1
mount -t ext2 /dev/ram0 /var/log |
If it works out you could append it to your boot.local. _________________ Smokey, this is not 'Nam. This is bowling. There are rules.
http://twitter.com/GKardolus |
|
Back to top |
|
|
richard.scott Veteran
Joined: 19 May 2003 Posts: 1497 Location: Oxfordshire, UK
|
Posted: Tue Nov 17, 2009 1:32 pm Post subject: |
|
|
Why not just mount /dev/shm/log as /var/log?
Code: | mkdir /dev/shm/log
mount -o bind /dev/shm/log /var/log |
/dev/shm is already a tmpfs (RAM) filesystem. |
|
Back to top |
|
|
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9838 Location: almost Mile High in the USA
|
Posted: Tue Nov 17, 2009 3:40 pm Post subject: |
|
|
Another idea is to somehow get http://www.filesystems.org/project-unionfs.html working - and have that second disk to be ramdisk. Otherwise there's really no way but to figure out exactly which apps are writing to disk and quell them. _________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
Back to top |
|
|
|