Delete the linux system on / var / log / messages that how?

Delete the linux system on / var / log / messages that how?

• Install lsof
• Pid process View / var / log / messages file, fd, command
• Restore / var / log / messages
• Restart rsyslogd Service

# yum install lsof -y
# lsof|grep /var/log/messages
rsyslogd  12475          root    6w      REG                8,3    172822   33612673 /var/log/messages (deleted)
in:imjour 12475 12477    root    6w      REG                8,3    172822   33612673 /var/log/messages (deleted)
rs:main   12475 12478    root    6w      REG                8,3    172822   33612673 /var/log/messages (deleted)
# less /proc/12475/fd/6 > /var/log/messages  --此时文件已经恢复，但查看时还是显示delete
# systemctl restart rsyslog  --重启就正常了，但pid发生了变化