Version: 1.697
linux / debian13
lfd firewall settings keep sending me messages that /var/log/messages doesn't exist (and it doesn't).
I've done the basics, verifying rsyslog is running etc.
This says it should: https://docs.directadmin.com/directadmin/general-usage/directories-and-locations.html
I'm at a loss at this point, I know ubuntu doesn't use /var/log/messages but does directadmin use it? Should I just tell the firewall to not look at it?
Thanks
David
linux / debian13
lfd firewall settings keep sending me messages that /var/log/messages doesn't exist (and it doesn't).
I've done the basics, verifying rsyslog is running etc.
root@server:/var/log# service rsyslog status
● rsyslog.service - System Logging Service
Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled)
Active: active (running) since Mon 2026-03-23 23:53:46 UTC; 12min ago
TriggeredBy: ● syslog.socket
Docs: man:rsyslogd(8)
man:rsyslog.conf(5)
https://www.rsyslog.com/doc/
Process: 228758 ExecStartPre=/usr/lib/rsyslog/reload-apparmor-profile (code=exited, status=0/SUCCESS)
Main PID: 228763 (rsyslogd)
Tasks: 4 (limit: 4601)
Memory: 1.6M (peak: 5.2M)
CPU: 130ms
CGroup: /system.slice/rsyslog.service
└─228763 /usr/sbin/rsyslogd -n -iNONE
Mar 23 23:53:46 server systemd[1]: Starting rsyslog.service - System Logging Service...
Mar 23 23:53:46 server systemd[1]: Started rsyslog.service - System Logging Service.
This says it should: https://docs.directadmin.com/directadmin/general-usage/directories-and-locations.html
I'm at a loss at this point, I know ubuntu doesn't use /var/log/messages but does directadmin use it? Should I just tell the firewall to not look at it?
Thanks
David
I think I got this sorted.
Had to uncomment a line in the rsyslog config in
Then make the /var/log/messages file
Set permissions right
Restart it
Seems to have done the trick.
Had to uncomment a line in the rsyslog config in
/etc/rsyslog.d/50-default.conf
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
Then make the /var/log/messages file
touch /var/log/messages
Set permissions right
sudo chown syslog:adm /var/log/messages
sudo chmod 640 /var/log/messages
Restart it
systemctl restart rsyslog
Seems to have done the trick.
Seems to have done the trick.
Good choice. Earlier on Debian used /var/log/syslog and then one could just change /var/log/messages to /var/log/syslog in the csf.conf file and restart csf and lfd and things were fine.
However since Debian 12, the Syslog is replaced by journalctl. Seems the Debian devs forgot that some applications depend on logfiles and sometimes they also require to be saved due to government reasons.
So in that case your solution can fix that issue. Good job!
Good choice. Earlier on Debian used /var/log/syslog and then one could just change /var/log/messages to /var/log/syslog in the csf.conf file and restart csf and lfd and things were fine.
However since Debian 12, the Syslog is replaced by journalctl. Seems the Debian devs forgot that some applications depend on logfiles and sometimes they also require to be saved due to government reasons.
So in that case your solution can fix that issue. Good job!
That's the solution I use, simply editing the csf.conf file. That stops CSF complaining.
- Page :
- 1
There are no replies made for this post yet.