System/Network Engineer, Akira Muramatsu's tech blog from Huntington Beach, CA, USA
6/19/2014
[OpenSSL] How to generate CSR and SSL Key
User must be root.
Generate Key
# openssl genrsa -des3 -out server.key 2048
Generate CSR
# openssl req -new -key server.key -out server.csr
Check CSR
# openssl req -noout -text -in server.csr
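Remove the passphrase from the key (you are prompted for it; servera.key is written unencrypted, so keep it readable by root only)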
# openssl rsa -in server.key -out servera.key
6/04/2014
How to disable dhclient log and rsyncd.log in /var/log/messages on EC2
On Amazon EC2 instances, /var/log/messages fills up with DHCP client logs, because EC2 uses DHCP to assign instance IP addresses and DHCP client activity is logged to /var/log/messages by default. I couldn't track system activities other than the DHCP client log, so I disabled the DHCP client logs.
How to disable DHCP Client log
I tested this solution but the result is that no more system activities are logged in /var/log/messages.
So don't use this solution.
1, Edit /etc/rsyslog.conf
2, Add ';dhclient.none' to the following line and save it.
Before
*.info;mail.none;authpriv.none;cron.none /var/log/messages
After
*.info;mail.none;authpriv.none;cron.none;dhclient.none /var/log/messages
3, Restart rsyslog
# service rsyslog restart
Notes: I asked AWS tech support about this, but they also didn't know a solution. Their workaround is to grep /var/log/messages to remove the dhclient lines and redirect the output to another text file.
# grep -v dhclient /var/log/messages > /var/log/messages-nodhclient.log
The syslog facility of dhclient is hard-coded in the source to "LOG_DAEMON", so there is no "dhclient" facility for a selector such as 'dhclient.none' to match. You can exclude the "LOG_DAEMON" facility from /var/log/messages, but then you'll miss all other "LOG_DAEMON" activity there. So it's hard to remove only the dhclient logs from /var/log/messages.
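An added example (not from the original post): since dhclient shares the daemon facility, a filter has to key on the program tag of each line rather than on the facility. The script below compares the grep workaround with a tag-based awk filter on constructed sample lines; the function names and the log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample in the traditional /var/log/messages layout:
#   "Mon DD HH:MM:SS host tag[pid]: message"
sample_log() {
cat <<'EOF'
Jun  4 10:00:01 ip-10-0-0-5 dhclient[1234]: DHCPREQUEST on eth0 to 10.0.0.1 port 67
Jun  4 10:00:01 ip-10-0-0-5 dhclient[1234]: DHCPACK from 10.0.0.1
Jun  4 10:00:02 ip-10-0-0-5 dhclient[1234]: bound to 10.0.0.5 -- renewal in 1700 seconds.
Jun  4 10:02:30 ip-10-0-0-5 kernel: dhclient[1234]: segfault at 0 ip 0000000000000000 error 4
Jun  4 10:03:17 ip-10-0-0-5 ec2-user: restarted dhclient after editing dhclient.conf
Jun  4 10:05:40 ip-10-0-0-5 xinetd[987]: START: rsync pid=4321 from=10.0.0.9
EOF
}

# Drop only lines whose syslog tag (5th whitespace-separated field)
# is "dhclient:" or "dhclient[pid]:". Lines that merely mention
# dhclient in the message text are kept.
drop_dhclient_by_tag() {
    awk '$5 !~ /^dhclient(\[[0-9]+\])?:$/'
}

# The workaround from the post, for comparison: drops every line
# that contains the string anywhere.
drop_dhclient_by_grep() {
    grep -v dhclient
}

# Lines the grep workaround discards although dhclient did not log them
# (here: a kernel segfault report and an operator note).
lost_by_grep() {
    sample_log | drop_dhclient_by_tag | grep dhclient
}

echo "Kept by tag filter:"
sample_log | drop_dhclient_by_tag
echo "Kept by grep -v:"
sample_log | drop_dhclient_by_grep
echo "Lost only with grep -v:"
lost_by_grep
```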
How to move rsync logs to xinetd.log
1, Edit /etc/xinetd.conf as follows and save it.
Before
log_type = SYSLOG daemon info
After
# log_type = SYSLOG daemon info
log_type = FILE /var/log/xinetd.log
2, Reload the xinetd service
# service xinetd reload
3, Add log rotation for xinetd.log
Create a logrotate configuration for xinetd.log as follows:
# vi /etc/logrotate.d/xinetd
#=====
/var/log/xinetd.log {
    rotate 10
    daily
    compress
    delaycompress
    missingok
    postrotate
        /bin/kill -HUP `cat /var/run/xinetd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}
#=====
4, Force a log rotation with the following command
# logrotate -f /etc/logrotate.conf