From Hackepedia
Jump to navigationJump to search

a syslogd usually opens which are written down in the syslog.conf file in /etc, it also makes a /dev/log UNIX socket in order to receive messages from programs designed to write to syslog.

If there is a chroot on the system (say named) then syslogd needs to be told to add another socket inside the chroot for /dev/log such as /var/named/dev/log if the chroot is inside /var/named.

syslogd is smart enough to recognize multiple messages that are the same. It will often add "last message repeated 100 times" or such.