syslog's unexpected behaviour

Hello,

The expected result of the following commands is a new entry in /var/log/mail.log with the content "test".

The actual result is a complete absence of information, as if the commands were never executed.


>sudo touch /var/log/mail.log

>syslog -s -k Facility mail Message test

>sudo tail -5 -f /var/log/mail.log


The same holds with any standard (unix) syslog facility.


The following daemons are involved in the problem:

com.apple.logd
com.apple.syslogd
com.apple.aslmanager
com.apple.emond.aslmanager


I unloaded /System/Library/LaunchDaemons/com.apple.syslogd and run /usr/bin/syslogd -d from the command line. According to the manual, I expected the server to stay attached to the controlling terminal and print debugging messages. The actual result is that the server does *not* stay attached to the terminal, without any warning or error.

Then I modified com.apple.syslogd to run the command in debug mode, and redirected standard-output and standard-error to a custom file. Reloading the server returns no debug output.


I would like to know if you have the same problem, or have a solution.


This is macOS 10.12.4

Up vote post of one-to-one Down vote post of one-to-one
1.2k views
Posted by
one-to-one
Reply
Add a Comment

Accepted Reply

Note: macOS 10.12.5 solves the problem with tcpdump. However, syslogd is still broken.

Posted by
one-to-one
Up vote reply of one-to-one Down vote reply of one-to-one
Post marked as solved
Add a Comment

Replies

>379 Views 0 Replies


Really?

Posted by
one-to-one
Up vote reply of one-to-one Down vote reply of one-to-one
Add a Comment

Really?

Indeed. The problem here is that you’ve asked a user level question (albeit an advanced user level question) in a developer forum. You might have better luck asking over in Apple Support Communities, run by AppleCare, and specifically the in Business and Education topic areas, where you’re more likely to find folks with 

syslogd
experience.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

No, no "luck" from the other forum.

No, I am not here to learn Apple's syslogd.


Did you run the above commands on your machine?

Did they work?

Posted by
one-to-one
Up vote reply of one-to-one Down vote reply of one-to-one
Add a Comment

Did you run the above commands on your machine?

No. I’m sorry but my remit is to provide code-level support for the APIs published via Apple’s various platform SDKs.

If you get completely stuck you can escalate this via AppleCare, who do provide command line support at their higher tier support levels.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Use AppleCare to let you know about your broken syslogd and hope for a fix?


I did it, shortly after the release of macOS 10.12.4, because the new release

broke tcpdump. The result is, that tcpdump is still broken.

I have two problems with 10.12.4, tcpdump and syslogd. I used them extensively

in the past 3 years, until the last macOS update. Since I cannot rely on macOS

anymore, I must move on to a different OS, and thus to different hardware.

So long Apple, and thanks for all the bugs.

Posted by
one-to-one
Up vote reply of one-to-one Down vote reply of one-to-one
Add a Comment

Note: macOS 10.12.5 solves the problem with tcpdump. However, syslogd is still broken.

Posted by
one-to-one
Up vote reply of one-to-one Down vote reply of one-to-one
Post marked as solved
Add a Comment

Use AppleCare to let you know about your broken syslogd and hope for a fix?

Oh, I thought you were looking for help with this. If you’re goal is to report a bug, you can do that via Apple Bug Reporter.

Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Apple bug #26147938.

Posted by
one-to-one
Post not yet marked as solved Up vote reply of one-to-one Down vote reply of one-to-one
Add a Comment