我已经为 Apache 虚拟主机设置了单独的错误日志。当我最近检查一些日志时,我在虚拟主机日志中发现了其他不相关程序的条目。
例如我在 /home/user1/domain1.com/logs/error_log 中得到如下条目:
Oct 2 22:09:16 server1 procmail[15394]: Couldn't rename bogus "/var/mail/nobody" into "/var/mail/BOGUS.nobody.5CoE"
Oct 2 22:09:16 server1 procmail[15393]: Couldn't rename bogus "/var/mail/nobody" into "/var/mail/BOGUS.nobody.5CoE"
Oct 2 22:09:16 server1 postfix/local[15187]: 362D216843F: to=<[email protected]>, relay=local, delay=129, delays=0.06/113/0/16, dsn=5.2.0, status=bounced (can't create user output file. Command output: procmail: Renaming bogus mailbox "/var/mail/nobody" info "/var/mail/BOGUS.nobody.5CoE" procmail: Couldn't create "/var/mail/nobody" )
Oct 2 22:09:16 server1 postfix/local[15265]: 362F2168442: to=<[email protected]>, relay=local, delay=129, delays=0.06/113/0/16, dsn=5.2.0, status=bounced (can't create user output file. Command output: procmail: Renaming bogus mailbox "/var/mail/nobody" info "/var/mail/BOGUS.nobody.5CoE" procmail: Couldn't create "/var/mail/nobody" )
Oct 2 22:09:16 server1 postfix/qmgr[3316]: 362F2168442: removed
Oct 2 22:09:16 server1 postfix/qmgr[3316]: 362D216843F: removed
Oct 2 22:09:27 server1 webmin[15397]: Successful login as user from ip.add.re.ss
Oct 2 22:10:01 server1 crond[15443]: (user) CMD (/usr/local/maldetect/maldet --mkpubpaths >> /dev/null 2>&1)
为什么这些条目会出现在 Apache 日志中?我该如何修复它们?
答案1
您的输出看起来像 syslogd 的输出,它看起来不像 apache 的 error_log,以下是 apache 的错误日志:
[Tue Oct 02 15:03:55 2012] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Tue Oct 02 15:03:55 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Oct 02 15:03:55 2012] [notice] Digest: generating secret for digest authentication ...
[Tue Oct 02 15:03:55 2012] [notice] Digest: done
[Tue Oct 02 15:03:56 2012] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations
[Tue Oct 02 15:03:58 2012] [notice] caught SIGTERM, shutting down
* 更新 *
您需要查看相应的 httpd.conf(或类似的文件)并确保您的虚拟主机确实使用该文件来写入日志。
还要查看您的 syslogd 配置,因为它可能也使用相同的文件来写入日志。