# Disable syslogd



## abhay4589 (Dec 2, 2013)

I have a centralized log server in place. Now, since logging is done using RELP of rsyslogd *I* want to disable the syslog daemon that comes with the base. I have tried the following settings in rc.conf:

```
syslogd_enable="NO"
syslogd_flags="NONO"
newsyslogd_enable="NO"
rsyslogd_enable="YES"
rsyslogd_pidfile=/var/run/syslogd.pid
```
but still no luck, When the system starts I have to kill the syslogd daemon manually. Unless I reboot the system, rsyslogd will take all of the CPU time. Utilization would be at 90%. When I kill both syslogd and rsyslogd and restart rsyslogd everything runs perfectly fine.


----------



## ShelLuser (Dec 2, 2013)

You don't need to specify the whole lot. If you don't want syslogd in the base system to be started during boot then all you need to specify in /etc/rc.conf is:


```
syslogd_enable="NO"
```
After that it won't start. If some process does get started during boot then I suspect this to be something else. For example; does the server use any jails by some chance?

_Edit_: s/of\ the\ base/in\ the\ base/


----------



## ronaldlees (Dec 2, 2013)

I used the following (in /etc/rc.conf):


```
syslogd_flags="-s -s"
```

per

http://lists.freebsd.org/pipermail/freebsd-questions/2007-January/140144.html

and it works to keep syslogd from running ...


----------



## abhay4589 (Dec 3, 2013)

"-s -S" did the trick, Thanks. But *I* still wonder why I can't just disable it?


----------



## ronaldlees (Dec 3, 2013)

I imagine that the 
	
	



```
syslogd_enable="NO"
```
 in rc.conf disables the daemon for remote access, but leaves the socket.  That's the way I read the manual, but I haven't tested it.  The double -s prevents the socket from being created.


----------



## ronaldlees (Dec 3, 2013)

This thread probably ought to be in something other than off-topic.  Moderators?


----------



## SirDice (Dec 3, 2013)

Agreed. 

As a note, 
	
	



```
syslogd_enable="NO"
```
 will prevent syslogd from starting. 
	
	



```
syslogd_flags="-ss"
```
 tells syslogd not to open a port and only work locally.


----------



## abhay4589 (Dec 3, 2013)

I know this is the wrong forum for this post, and I apologize for that. *I* was in hurry that day.

@SirDice, I have tried to dig through mailing lists and other available resources but still no luck. As I stated earlier I have to kill both syslogd and rsyslogd then restart rsyslogd, after that everything works fine. I have this problem in 9.2-RELEASE only. Here is the screenshot just after rebooting my test VM.

http://flic.kr/p/i4f3Mg


----------



## ronaldlees (Dec 3, 2013)

I've seen some other examples for disabling syslogd, but those entries had changed the "mark" interval.  Any downside to not doing that?  The other examples were as follows:


```
syslogd_flags="-s -s -m0"
```


----------

