X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: =?ISO-8859-1?Q?Ren=E9_Berber?= <r DOT berber AT computer DOT org>
Subject:  Re: cygrunsrv stderr and stdout only to a syslog-ng log?
Date:  Tue, 21 Mar 2006 16:54:34 -0600
Lines: 65
Message-ID: <dvq079$cj6$1@sea.gmane.org>
References:  <20060321214505 DOT 62914 DOT qmail AT web31302 DOT mail DOT mud DOT yahoo DOT com>
Mime-Version:  1.0
Content-Type:  text/plain; charset=ISO-8859-1
Content-Transfer-Encoding:  quoted-printable
User-Agent: Thunderbird 1.5 (Windows/20051201)
In-Reply-To: <20060321214505.62914.qmail@web31302.mail.mud.yahoo.com>
OpenPGP: url=ldap://keyserver.pgp.com
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Bryan D. Thomas wrote:

> I've found in cygrunsrv.README that the -1 and -2
> arguments may be used to specify that output of stdout
> and stderr go to a log file instead of to the Windows
> Event Log.

You are probably misunderstanding, those options change the default which i=
s to
send any cygrunsrv output to /var/log/<sevice_name.log> which usually is em=
pty
since each service does its own logging.

> I'm using cygrunsrv to run two services: sshd and
> syslog-ng.  I'm using syslog-ng to collect timestamped
> log entries from sshd and do postprocessing with
> filters.  What I want to do is stop logging sshd
> events also to the Windows Event Log.

What you describe is already being done: if sshd, for instance, finds that
syslogd is running when it starts it uses it, if not it uses the Windows ev=
ent log.

So all you need is to start syslogd, it works fine if all services are star=
ted
at the same time (automatic in services starup type).

> Is it possible to specify in the cygrunsrv arguments
> to install the sshd service (I suppose by editing the
> ssh-host-config script) that the log events will go to
> syslog-ng, but will not go to the Windows Event Log?

Only one log.  And don't change the script, if you need to change anything,=
 and
you don't, change the sshd configuration.

> For example, if I used -1 /var/log/sshd.log and -2
> /var/log/sshd.log, would that work nicely with the
> syslog-ng which is using those same files as a target,
> or would I get contention, or duplicate lines?

It doesn't work as you describe at all.

> Or, could I use -1 /dev/log -2 /dev/log and syslog-ng
> would pick up all the output to the unix-dgram but
> only enter it once in the log?
>=20
> Or, could I use -1 /dev/null -2 /dev/null, but
> syslog-ng would keep working as it is today, and only
> the Windows Event Log would no longer get sshd events?
>=20
> I also cannot tell from the documentation I've been
> able to find whether it is possible to change the -1
> and -2 options for an installed service.  Can I simply
> stop the service, run cygrunsrv or edit the registry,
> then start the service?

Don't edit the registry (you are dangerous!), don't run cygrunsrv... just
install the service and start it (which in the case of sshd is done by the
installation script).
--=20
Ren=E9 Berber


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/