From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Serge E. Hallyn" Subject: Re: Containers syslog support? Date: Tue, 14 Apr 2009 09:21:14 -0500 Message-ID: <20090414142113.GA6072@us.ibm.com> References: <20090413215315.GA28487@versecorp.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <20090413215315.GA28487-SqNQQPNds68nxqbYAscKCQ@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: "Chris R. Jones" Cc: containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org List-Id: containers.vger.kernel.org Quoting Chris R. Jones (chris-SqNQQPNds68nxqbYAscKCQ@public.gmane.org): > Hello again, > > Another question on containers. This time, for syslog. Is there any > containers support to isolate syslog entries for different containers? > That is, is there any way I can run two different syslogd processes in > two different containers, in such a way that each syslogd process only > sees and logs events generated by processes in it's own container? > > Are syslog messages covered under one of the other namespaces (pids, utsname, sysv ipc, network, users), or is there a seperate namespace for them. > > Thanks, > Chris You can run syslogd in two different containers if they have different network namespaces, bc /dev/log should be different for each. So if user-space software is using syslog(3) it's msgs should stay inside the container. I haven't played with it, though. If you run a quick (presumably trivial) test, pls let us know how it goes. (Of course kernel (printk) messages will go to the klogd in the initial network namespace, as they should.) -serge