jsykora
Enthusiast
Enthusiast

syslog.conf overwritten after patching - any particular reason why?

Our company policy set requires external monitoring of our ESX hosts using syslog forwarding, which is configured in syslog.conf. However I noticed some time ago that any time a VMware update or patch even gets close to anything to do with the syslogd it overwrites our modified syslog.conf file with the factory default. I have procedures in place to change the file back to our standardized settings followed by a functionality test, but I guess my general question concerns why VMware feels the need to overwrite this file so much in the first place?

Tags (3)
0 Kudos
7 Replies
gary1012
Expert
Expert

I've been meaning to ask my account rep why I have go through this each patch cycle too. It looks like patches are altering /etc/modules.conf as well. As part of my testing cycle and verification I have to cp over syslog.conf and comment out the USB additions in modules.conf. It would be nice if this didn't occur...

Community Supported, Community Rewarded - Please consider marking questions answered and awarding points to the correct post. It helps us all.
0 Kudos
lamw
Community Manager
Community Manager

Wow this is still happening? I filed a bug during Update2 release as this was overriding our default syslog.conf as well, then realized when U3 came out this continued to happen. I was assured by the rep that an internal bug would be filed and I would have thought this would have been fixed through one of the updates or in U4. What update of ESX 3.5 are you using? Might need to re-file another bug, unfortunately I don't have the SR # for the previous bug I had filed.

=========================================================================

William Lam

VMware vExpert 2009

VMware ESX/ESXi scripts and resources at:

If you find this information useful, please award points for "correct" or "helpful".

0 Kudos
jsykora
Enthusiast
Enthusiast

We just moved to ESX 3.5 U4, but this has been happening on every major release of 3.5 since it came out. It seems like it would be something so simple to fix, yet has been going on for so long.

0 Kudos
lamw
Community Manager
Community Manager

I'm quite surprised this is still occurring then, the issue lies in one of the RPM package installations, it does not backup the original config if one exists prior to the upgrade. I agree, this would not be difficult to do. It would probably be best that you file a new ticket with VMware and hopefully this has been remediated in vSphere release.

=========================================================================

William Lam

VMware vExpert 2009

VMware ESX/ESXi scripts and resources at:

If you find this information useful, please award points for "correct" or "helpful".

0 Kudos
jsykora
Enthusiast
Enthusiast

I filed a VMware SR and got a quick response. There is a patch that partially resolves this issue by copying the customized syslog.conf file to a syslog.conf.orig.%y%m%d%H%M file and also creates a default syslog.conf file. It currently does not enable the syslog.conf to be automatically preserved. At least it's a step in the right direction. I'm going to test this out and will see how it works next patch cycle.

The Patch Information could be found at titled VMware ESX 3.5, Patch ESX350-200901405-BG: Updates VMware-esx-lnxcfg.

0 Kudos
macgreen
Contributor
Contributor

Still happening on ESX Server 3.5 U5. Went to perform some checks and found no records on my remote syslog server. Last entries match the date U5 was installed.

Is there a syslog.conf.local possible ?

This is a pain having to do this change every time a patching occurs.

»»»»»»»»»»»»»»

• ESX Server 3.5 U5 • VirtualCenter 2.5 U6 (VM) / MS SQL 2005 (VCDB,VUMDB) • SAN Infrastructure (FC) • NetBackup for VMware 6.5.5 • VCB 1.5

My environment:- vSphere 4.1 : • ESX 4.1 Servers • vCenter Server 4.1 (VM) : - Windows Server 2008 64bit - MS SQL 2005 (VCDB/VUMDB) • NetBackup 6.5.5 - VCB 1.5 U1 • FC SAN
0 Kudos
lamw
Community Manager
Community Manager

Very unfortunate to hear that this has still not been resolved by engineering.

What we ended up doing as a workaround during U2 release when we discovered the bug during our testing was to write a wrapper script around the upgrade process to backup the syslog.conf, upgrade and before the reboot, copy the old syslog.conf back in. You may need to do something similar as a workaround. Though if you use VUM, then you'll need to automate this post-upgrade, during U2 days, there was no VUM and we did patching/upgrades using automated shell scripts.

It's definitely painful when you're managing 100+ hosts and especially painful if you had different syslog.conf files which we had for different datacenters.

I would definitely re-file a bug ....though I don't know how useful it'll be since VI3.5 is EOL soon =[

I'm hoping they've resolved this in vSphere but I haven't done any upgrades with vSphere, most of our builds have been rebuilds as its faster and cleaner. Though I know not all organizations can take that route, I know in my past job that was not even an option, had to be an upgrade.

=========================================================================

William Lam

VMware vExpert 2009

VMware scripts and resources at:

Twitter: @lamw

Getting Started with the vMA (tips/tricks)

Getting Started with the vSphere SDK for Perl

VMware Code Central - Scripts/Sample code for Developers and Administrators

VMware Developer Community

If you find this information useful, please award points for "correct" or "helpful".

0 Kudos