Kernel logs on console

1

Hello

We run AlmaLinux 9.5 on several cloud servers at hetzner. They offer a web based console which is actually overflodded with kernel messages from nftables. In case of emergency it would not be possible to login. I think that this console goes via a kinda emulated tty.

Do you have an idea to stop these messages?

I tried some ideas which found , but nothing helped.

Thanks!

Kind regards.

2

Can you run this?

sudo dmesg | grep nftables

If that doesn’t turn back a lot of results, then run:

sudo systemctl mask nftables
sudo systemctl reboot

If it does give a lot of results try running:

sudo dnf install grubby -y
sudo grubby --update-kernel ALL --args quiet
sudo systemctl reboot
3

Thanks for the quick answer.

sudo dmesg | grep nftables no return, silent.

I never have used systemctl mask before. I learned a minute a go, masking a service makes impossible to load the service. Is this right?

Maybe i have to say, that nftables is the firewall service we use. We log the all drop-messages to rsyslog.

Thanks!

4

Yes, it will prevent it from being started and loaded. It’s a more advanced version of disable.
Do you have a screenshot of the web console displaying the error messages?

5
  1. Then you cannot disable the nftables because you need the firewall
  2. You cannot remove the log rules from firewall either, because you want them
  3. I bet that nftables (kernel) actually logs to systemd-journald. The rsyslog simply reads from journald
  4. Who does actually write to console? Kernel, journald, or rsyslog? If it is rsyslog, then change its rules so that those “drop” messages are written only to file, not console
6

I solved the issue with the entry kernel.printk = 3 4 1 3 stored in a file in the folder /etc/sysctl.d. nftables continues to log with rsyslog to a logfile and the console remains silent.

Thanks!

.

7

This topic was automatically closed 360 days after the last reply. New replies are no longer allowed.