Disable console logging (sysmsg) in Solaris

November 12, 08 by cjgibbs

I often disable the GUI login on my Solaris machines for simplicity, so they just sit at the console login prompt. This presents a problem because by default Solaris sends logs to the console via /dev/sysmsg. This means that system errors, kernel and authentication notices are right out there for the world to see. So I like to redirect these logs to a more secure location (and keep my console nice and pretty).

The config file is /etc/syslog.conf. Comment out the line:

*.err;kern.notice;auth.notice                  /dev/sysmsg

by putting a # in front of it, or point to a new file location.

You should notice that most of these messages are being captured by the line below it as well and are being sent to /var/adm/messages. That’s a good place for these logs so leave that. However, it’s not capturing the auth.notice messages. Look a bit further down the file and you’ll see an ‘auth.notice’ line that’s commented out. Uncomment that line (make sure loghost is set in /etc/hosts) and your auth messages should be sent to /var/log/authlog. Which is a much nicer location than the console don’t you think?

User errors are defined further down the file and it also has an entry for logging user errors to /dev/sysmsg so you can comment that out as well if desired.

Date Wednesday, 12 Nov 08 at 4:00 pm
Under Solaris, Tips
You can follow any responses to this entry through the RSS 2.0 feed .
You can leave a response , or trackback from your own site .

This entry no have comments... but you can be first.

Bits on Bytes bits on iphone, programming, and all things tech

Disable console logging (sysmsg) in Solaris

Leave a Reply

About

Twitter Updates

Recent Post

Archives

Blogroll

Categories

Meta