[Date Prev][Date Next]
Re: Syslog and OpenLDAP
You haven't specified your distribution, which makes it impossible for anyone
to succintly answer your question.
However, I'll pretend you said you are running Red Hat Enterprise Linux ES
version 3 with OpenLDAP 2.1.25 packages from Jehan Procaccia. If not, perhaps
this will help someone else.
First, you'll need to edit the file /etc/rc.d/init.d/ldap to remove the "-l
daemon" switches from the two places where slapd is invoked. This is a dumb
Red Hat modification that makes slapd log as "daemon" instead of "local4" like
it ought to.
Second, you'll need to add a line to /etc/syslog.conf that sends the ldap log
output to a separate file; something like:
Note that the white space above can include spaces and/or tabs; Red Hat is
shipping a reasonably up-to-date syslog unlike many other *nix variants (bad
cess to ye, HP-UX!).
Third, you will probably want to add the new log file to your logrotate
scheduling. Do this by editing the file /etc/logrotate.d/syslog to add the new
log file you've created to the list of files logrotate manages for syslog.
OK, you are basically done. Now modify your /etc/openldap/slapd.conf file to
set the loglevel of your desire; the bit settings are documented in the
Also worth noting - high log levels impact performance so fiercely that many
ldap clients will time out if the server is doing heavy logging. Use high log
levels only during debugging episodes and turn it off again when you are done.
PS: Sorry about the subject line mangling; your confirmation-driven email
authentication request came as something of a surprise.
On 31 Mar 2004 at 15:16, Chris Majewski wrote:
> How do I get syslog to log slapd stuff? Manpages ain't
> helping here.
> In particular, what should FOO be for the following
> line to do something useful in /etc/syslog.conf on
> a Linux box:
> FOO.* /var/log/slapd