Différences

Ci-dessous, les différences entre deux révisions de la page.

--- raspberry:log [02-07-2013 22:17]
edmc73 [Terrain]
+++ raspberry:log [04-03-2021 20:34] (Version actuelle)
edmc73
@@ Ligne 1: / Ligne 1: @@
-====== Limiter les logs ======
+====== Log et service ======
 Comme vous le savez, le raspberry tourne sur une SDcard, et cette mémoire flash n'aime pas trop les écritures à outrance.
@@ Ligne 6: / Ligne 6: @@
-===== Terrain =====
+===== Les logs =====
-<code># find -mtime -1 -type f -exec ls -l {} \;
+<code>
+# cd /var/log
+# find -mtime -1 -type f -exec ls -l {} \;
 -rw-r--r-- 1 root root 86111 juil.  2 21:41 ./samba/log.smbd
 -rw-r--r-- 1 root root 1829 juil.  1 21:49 ./samba/log.nmbd
@@ Ligne 25: / Ligne 27: @@
 </code>
-On va analyser tous les fichiers qui ont été modifié récemment.
+On va analyser tous les fichiers qui ont été modifié récemment et qui ont une taille élevée.
+==== Samba ====
+Extrait
+<code>
+[2013/07/03 21:13:36.351018,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 21:13:36.352343,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 21:26:37.070193,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 21:26:37.071525,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 21:39:37.829379,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 21:39:37.830682,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 21:52:38.517540,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 21:52:38.518854,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 22:05:39.251127,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 22:05:39.252537,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 22:18:40.010082,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 22:18:40.011400,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 22:31:40.778366,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 22:31:40.779682,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+[2013/07/03 22:44:41.517855,  0] printing/print_cups.c:110(cups_connect)
+  Unable to connect to CUPS server localhost:631 - Connection refused
+[2013/07/03 22:44:41.519169,  0] printing/print_cups.c:487(cups_async_callback)
+  failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL
+</code>
+Editez votre fichier de config **/etc/samba/smb.conf** et passez **load_printer = no** et ajoutez les lignes qui suivent
+<code>
+########## Printing ##########
+# If you want to automatically load your printer list rather
+# than setting them up individually then you'll need this
+   load printers = no
+   show add printer wizard = no
+   printcap name = /dev/null
+   disable spoolss = yes
+</code>
+Relancez samba
+  service samba restart
+==== auth.log ====
+Extrait :
+<code>
+Jul  4 19:48:59 edmchome sshd[8201]: Failed password for root from 80.84.55.183 port 11919 ssh2
+Jul  4 19:48:59 edmchome sshd[8201]: Disconnecting: Too many authentication failures for root [preauth]
+Jul  4 19:48:59 edmchome sshd[8201]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:48:59 edmchome sshd[8201]: PAM service(sshd) ignoring max retries; 6 > 3
+Jul  4 19:49:01 edmchome sshd[8205]: reverse mapping checking getaddrinfo for 183-55-84-80.rackcentre.redstation.net.uk [80.84.55.183] failed - POSSIBLE BREAK-IN ATTEMPT!
+Jul  4 19:49:02 edmchome sshd[8205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:03 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:07 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:09 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:11 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:13 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:16 edmchome sshd[8205]: Failed password for root from 80.84.55.183 port 12041 ssh2
+Jul  4 19:49:16 edmchome sshd[8205]: Disconnecting: Too many authentication failures for root [preauth]
+Jul  4 19:49:16 edmchome sshd[8205]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:16 edmchome sshd[8205]: PAM service(sshd) ignoring max retries; 6 > 3
+Jul  4 19:49:18 edmchome sshd[8209]: reverse mapping checking getaddrinfo for 183-55-84-80.rackcentre.redstation.net.uk [80.84.55.183] failed - POSSIBLE BREAK-IN ATTEMPT!
+Jul  4 19:49:19 edmchome sshd[8209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:20 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:22 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:25 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:28 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:31 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:33 edmchome sshd[8209]: Failed password for root from 80.84.55.183 port 12167 ssh2
+Jul  4 19:49:33 edmchome sshd[8209]: Disconnecting: Too many authentication failures for root [preauth]
+Jul  4 19:49:33 edmchome sshd[8209]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:33 edmchome sshd[8209]: PAM service(sshd) ignoring max retries; 6 > 3
+Jul  4 19:49:35 edmchome sshd[8213]: reverse mapping checking getaddrinfo for 183-55-84-80.rackcentre.redstation.net.uk [80.84.55.183] failed - POSSIBLE BREAK-IN ATTEMPT!
+Jul  4 19:49:35 edmchome sshd[8213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:37 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:40 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:43 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:45 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:47 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:50 edmchome sshd[8213]: Failed password for root from 80.84.55.183 port 12290 ssh2
+Jul  4 19:49:50 edmchome sshd[8213]: Disconnecting: Too many authentication failures for root [preauth]
+Jul  4 19:49:50 edmchome sshd[8213]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.84.55.183  user=root
+Jul  4 19:49:50 edmchome sshd[8213]: PAM service(sshd) ignoring max retries; 6 > 3
+</code>
+A peine un port ssh ouvert sur la toile que déjà des milliers de tentative de connexions qui génère des logs à n'en plus finir.
+On va donc modifier le niveau de verbosité des logs de sshd
+>LogLevel
+>  Donne le niveau de verbosité utilisé lors de l'enregistrement des messages du démon sshd Les valeurs possibles sont : QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
+>  Par défaut INFO. DEBUG et DEBUG1 sont équivalents. DEBUG2 et DEBUG3 spécifient des niveaux plus élevés de sortie de débogage. L'enregistrement à l'aide d'un niveau DEBUG a tendance à empiéter sur la vie privée des utilisateurs et n'est pas recommandé.
+  vi /etc/ssh/sshd_config
+  LogLevel QUIET
+  service ssh reload
+Inconvénient, plus de trace en cas de piratage, assurez vous d'avoir un bon mot de passe.
+voir aussi dans /etc/rsyslog.conf
+Commenter la ligne suivante pour ne plus rien recevoir dans /var/log/auth.log
+  #auth,authpriv.*                        /var/log/auth.log
+et relancez le service des journaux
+  service rsyslog restart
+---
+Dans auth.log il y a aussi un paquet de ligne venant de cron
+<code>
+Jun 24 20:35:01 edmchome CRON[9024]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:35:01 edmchome CRON[9024]: pam_unix(cron:session): session closed for user root
+Jun 24 20:36:01 edmchome CRON[9040]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:36:01 edmchome CRON[9040]: pam_unix(cron:session): session closed for user root
+Jun 24 20:37:01 edmchome CRON[9056]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:37:02 edmchome CRON[9056]: pam_unix(cron:session): session closed for user root
+Jun 24 20:38:01 edmchome CRON[9072]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:38:01 edmchome CRON[9072]: pam_unix(cron:session): session closed for user root
+Jun 24 20:39:01 edmchome CRON[9088]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:39:01 edmchome CRON[9088]: pam_unix(cron:session): session closed for user root
+Jun 24 20:40:01 edmchome CRON[9104]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:40:02 edmchome CRON[9104]: pam_unix(cron:session): session closed for user root
+Jun 24 20:41:01 edmchome CRON[9120]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:41:01 edmchome CRON[9120]: pam_unix(cron:session): session closed for user root
+Jun 24 20:42:01 edmchome CRON[9136]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:42:02 edmchome CRON[9136]: pam_unix(cron:session): session closed for user root
+Jun 24 20:43:01 edmchome CRON[9152]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:43:01 edmchome CRON[9152]: pam_unix(cron:session): session closed for user root
+Jun 24 20:44:01 edmchome CRON[9168]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:44:01 edmchome CRON[9168]: pam_unix(cron:session): session closed for user root
+Jun 24 20:45:01 edmchome CRON[9184]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:45:02 edmchome CRON[9184]: pam_unix(cron:session): session closed for user root
+Jun 24 20:46:01 edmchome CRON[9200]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:46:01 edmchome CRON[9200]: pam_unix(cron:session): session closed for user root
+Jun 24 20:47:01 edmchome CRON[9216]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:47:02 edmchome CRON[9216]: pam_unix(cron:session): session closed for user root
+Jun 24 20:48:01 edmchome CRON[9232]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:48:01 edmchome CRON[9232]: pam_unix(cron:session): session closed for user root
+Jun 24 20:49:01 edmchome CRON[9248]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:49:01 edmchome CRON[9248]: pam_unix(cron:session): session closed for user root
+Jun 24 20:50:01 edmchome CRON[9264]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:50:02 edmchome CRON[9264]: pam_unix(cron:session): session closed for user root
+Jun 24 20:51:01 edmchome CRON[9280]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:51:01 edmchome CRON[9280]: pam_unix(cron:session): session closed for user root
+Jun 24 20:52:01 edmchome CRON[9296]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:52:02 edmchome CRON[9296]: pam_unix(cron:session): session closed for user root
+Jun 24 20:53:01 edmchome CRON[9312]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:53:01 edmchome CRON[9312]: pam_unix(cron:session): session closed for user root
+Jun 24 20:54:01 edmchome CRON[9328]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:54:01 edmchome CRON[9328]: pam_unix(cron:session): session closed for user root
+Jun 24 20:55:01 edmchome CRON[9344]: pam_unix(cron:session): session opened for user root by (uid=0)
+</code>
+=== 1ère méthode trouvé sur le net mais qui ne marche pas pour moi ===
+Pour éviter ça, modifiez **/etc/pam.d/common-session-noninteractive**
+  vi /etc/pam.d/common-session-noninteractive
+après la ligne
+  session required pam_unix.so
+ajoutez
+  session [success=1 default=ignore] pam_succeed_if.so service in cron quiet use_uid
+Redémarrez le service crond
+  service cron restart
+=== 2ème méthode qui marche pour moi :) ===
+Configurer le rsyslog pour exclure ce type d'entrée dans les logs. Editez le fichier **/etc/rsyslog.conf**
+  vi /etc/rsyslog.conf
+Modifiez la ligne
+  auth,authpriv.*                 /var/log/auth.log
+par
+  :msg, contains, "pam_unix(cron:session)" ~
+  auth,authpriv.*                 /var/log/auth.log
+et redémarrez le service des journaux
+  service rsyslog restart
+==== messages ====
+==== syslog ====
+Extrait:
+<code>
+Jul  4 06:26:19 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:26:31 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:26:43 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:26:59 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:27:18 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:27:33 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:27:49 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:28:05 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:28:15 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:28:34 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:28:46 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:28:57 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:29:11 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:29:21 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:29:31 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:29:50 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:00 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:10 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:25 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:32 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:46 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:30:56 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:31:11 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:31:20 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:31:31 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:31:45 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:31:55 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:32:09 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:32:18 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:32:26 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:32:35 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:32:55 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:33:11 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:33:30 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:33:44 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:33:54 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:34:08 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:34:20 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:34:30 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+Jul  4 06:34:39 edmchome dhclient: DHCPREQUEST on eth0 to 192.168.0.254 port 67
+</code>
+Rien trouvé de concret sur le net à part configurer son réseau en ip static ce dont je n'ai pas envie de faire.
+Ma solution un peu brut mais qui marche est de faire un
+  killall dhclient
+----
+Extrait
+<code>
+Jul  5 09:17:01 edmchome /USR/SBIN/CRON[9951]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 10:17:01 edmchome /USR/SBIN/CRON[9996]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 11:17:01 edmchome /USR/SBIN/CRON[10117]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 12:17:01 edmchome /USR/SBIN/CRON[10163]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 13:17:01 edmchome /USR/SBIN/CRON[10592]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 14:17:01 edmchome /USR/SBIN/CRON[13626]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 15:17:01 edmchome /USR/SBIN/CRON[16127]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 16:17:01 edmchome /USR/SBIN/CRON[16790]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 17:17:01 edmchome /USR/SBIN/CRON[16832]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 18:17:01 edmchome /USR/SBIN/CRON[16876]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 19:17:01 edmchome /USR/SBIN/CRON[16920]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 20:17:01 edmchome /USR/SBIN/CRON[16961]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+Jul  5 21:17:01 edmchome /USR/SBIN/CRON[17163]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly > /dev/null)
+</code>
+> Solution trouvé ici http://serverfault.com/questions/432718/avoiding-log-noise-from-cron-jobs-with-syslog-ng-rather-than-syslog
+Editer le fichier **/etc/default/cron** puis dé-commentez la dernière ligne en spécifiant
+  EXTRA_OPTS='-L 4'
+Ce qui permet de logguer tout de même les erreurs, sinon remplacez 4 par 0
+Un petit redémarrage du service au cas ou
+  service cron restart
+==== user.log ====
+==== wtmp ====
+==== rsnapshot.log ====
+==== kern.log ====
+Extrait :
+<code>
+Jul  3 00:49:15 edmchome kernel: [219188.969066] net_ratelimit: 2423 callbacks suppressed
+Jul  3 00:49:15 edmchome kernel: [219188.969107] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.969815] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.969866] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.969968] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970058] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970093] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970121] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970146] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970188] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:15 edmchome kernel: [219188.970215] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.272645] net_ratelimit: 3043 callbacks suppressed
+Jul  3 00:49:22 edmchome kernel: [219196.272699] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.273692] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.273777] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.273889] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.273941] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.273967] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.274021] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.274191] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.274233] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:49:22 edmchome kernel: [219196.274259] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219244] net_ratelimit: 3633 callbacks suppressed
+Jul  3 00:51:44 edmchome kernel: [219338.219286] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219383] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219516] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219554] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219598] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219664] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219705] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219732] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219754] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+Jul  3 00:51:44 edmchome kernel: [219338.219830] smsc95xx 1-1.1:1.0: eth0: kevent 2 may have been dropped
+</code>
+Solution trouvé : http://wood1978.dyndns.org/~wood/wordpress/2013/04/03/fix-smsc95xx-1-1-11-0-eth0-kevent-2-may-have-been-dropped-on-raspberry-pi-with-arch-linux
+Ajouter smsc95xx.turbo_mode=N dans le fichier **/boot/cmdline.txt**
+  smsc95xx.turbo_mode=N dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=noop rootdelay=24
+Modifier ou ajoutez les valeurs suivantes dans le fichier **/etc/sysctl.conf**
+  #vm.vfs_cache_pressure = 100
+  vm.vfs_cache_pressure = 300
+  #vm.min_free_kbytes=8192
+  vm.min_free_kbytes=32768
+Mettez à jour sysctl
+  sysctl -p
+==== lastlog ====
+==== daemon.log ====
+===== Les services =====
+==== console-kit-daemon ====
+Le paquet ConsoleKit est un environnement pour garder une trace des différents utilisateurs, des sessions, et des places présents sur un système. Il offre aux logiciels un mécanisme pour réagir aux modifications de ces éléments ou d'une des métadonnées qui y est associée.
+==== polkitd ====
+==== triggerhappy ====
+==== dbus-daemon ====
+===== Stopper tous les logs =====
+Solution radicale pour éviter l'écriture des logs
+  sudo systemctl stop rsyslog
+  sudo systemctl disable rsyslog
+ou
+Edit the file /etc/rsyslog.conf and just after the section starting
+  ###############
+  #### RULES ####
+  ###############
+add the following line.
+  *.*     ~
+If you want to be more fine-grained you will need to read the file comments.
+Do not forget to restart rsyslog daemon:
+  sudo service rsyslog restart

Outils pour utilisateurs

Outils du site

Différences

Outils de la page