Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Completely disable logs
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Yttrium
n00b
n00b


Joined: 22 Oct 2009
Posts: 29
Location: Germany

PostPosted: Mon Nov 16, 2009 11:49 pm    Post subject: Completely disable logs Reply with quote

Hi,

how can I completely disable logs. I mean everything: kernel logs, ssh logs, mail logs, login logs, really everything, including things I don't even know they're logged. ;-) I am using syslog-ng, I guess it's not sufficient to unmerge it.

One idea to get rid of most logs would be to mount /dev/null on /var/log. Unfortunately I am told that /dev/null is not a block device.

Of course you could prevent logs from being created, but you would have to configure every program by hand and perhaps some tools don't even have an option to disable logging.
_________________
LILA - Live Iptables Log Analyzer
Back to top
View user's profile Send private message
01allein
Tux's lil' helper
Tux's lil' helper


Joined: 09 Jun 2009
Posts: 127
Location: AUSTRALIA

PostPosted: Tue Nov 17, 2009 12:22 am    Post subject: Reply with quote

Dont you want to get logs for your system.

I mean, I guess you dont want to waste space by logs being created, Am I right?
Back to top
View user's profile Send private message
kardolus
Tux's lil' helper
Tux's lil' helper


Joined: 13 Apr 2005
Posts: 120
Location: Amsterdam

PostPosted: Tue Nov 17, 2009 12:22 am    Post subject: Reply with quote

I do not think you can, because /var/log is a standard part of the linux system. A lot of different programs and modules put their logs in /var/log, so you would have to edit a lot of source code to stop that.

I guess you could make a script that clears your logfiles and then you could put it in your crontab.

I am curious, why do you want to disable all your logs?

PS. Usually when you install Linux it is a good idea to put /var on a separate partition so your root filesystem will not be affected when the logs get huge for some reason.
_________________
Smokey, this is not 'Nam. This is bowling. There are rules.

http://twitter.com/GKardolus


Last edited by kardolus on Tue Nov 17, 2009 1:12 am; edited 1 time in total
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9838
Location: almost Mile High in the USA

PostPosted: Tue Nov 17, 2009 12:52 am    Post subject: Reply with quote

On my CF and Flash based systems, I symlink or make a tmpfs directory for all locations that have logs, so it saves some durability. I test the machine by running with rootfs readonly; currently I have a somewhat dated but nevertheless working CF disk with X11 using Gentoo that runs with the root disk read-only.

The problem is that not all logs are done through syslog. Some have their own facilities such as utmp/wtmp which are handled by utempter, and those that just write wantonly into /var or /etc (like /etc/mtab, and /var/spool/mail)... these you have to manually discover.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Yttrium
n00b
n00b


Joined: 22 Oct 2009
Posts: 29
Location: Germany

PostPosted: Tue Nov 17, 2009 8:54 am    Post subject: Reply with quote

Hmm... I thought about the tmpfs, too. I already put my iptables logs on my personal external firewall on a tmpfs. So there's no way of mounting /dev/null or something similiar?

kardolus wrote:
I am curious, why do you want to disable all your logs?

(playing X-Files music) Some government agencies are pursuing me. (/musik)

Seriously, it's just out of curiosity and it saves place. I never read the logs so why should they be created in the first place? (rhetorical question)
_________________
LILA - Live Iptables Log Analyzer
Back to top
View user's profile Send private message
kardolus
Tux's lil' helper
Tux's lil' helper


Joined: 13 Apr 2005
Posts: 120
Location: Amsterdam

PostPosted: Tue Nov 17, 2009 1:07 pm    Post subject: Reply with quote

You could also mount your ram disk to /var/log with something like this
Code:
rm -rf /var/log/* > /dev/null 2>&1
mke2fs -m0 /dev/ram0 > /dev/null 2>&1
mount -t ext2 /dev/ram0 /var/log

If it works out you could append it to your boot.local.
_________________
Smokey, this is not 'Nam. This is bowling. There are rules.

http://twitter.com/GKardolus
Back to top
View user's profile Send private message
richard.scott
Veteran
Veteran


Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK

PostPosted: Tue Nov 17, 2009 1:32 pm    Post subject: Reply with quote

Why not just mount /dev/shm/log as /var/log?

Code:
mkdir /dev/shm/log
mount -o bind /dev/shm/log /var/log


/dev/shm is already a tmpfs (RAM) filesystem.
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9838
Location: almost Mile High in the USA

PostPosted: Tue Nov 17, 2009 3:40 pm    Post subject: Reply with quote

Another idea is to somehow get http://www.filesystems.org/project-unionfs.html working - and have that second disk to be ramdisk. Otherwise there's really no way but to figure out exactly which apps are writing to disk and quell them.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum