Yeah, one of my colleagues was kind enough to inform me about the installation of "apparmor" on that particular machine. Explains a lot, really. Thanks for your attention, please mock me at your leisure. Bill Snow On Thu, 28 Oct 2010, Bill Snow wrote:
I have a openSUSE 11.3 system that I installed syslog-ng on through package management. The intention of the simple config is to get it to write log file messages from one program (pdns) to a separate log file outside of /var/log.
No matter what I do with the file and directory permissions, I always get something like: syslog-ng[17864]: Error opening file for writing; filename='/opt/home/user/logs/pdns.log', error='Permission denied (13)' in the log file.
syslog-ng is running as root, as follows:
# ps xo pid,ppid,user,cmd | grep syslog 17863 1 root supervising syslog-ng 17864 17863 root /sbin/syslog-ng
The special config lines in /etc/syslog-ng/syslog-ng.conf look like this:
filter f_dyson { match('^pdns'); }; destination dyson { file("/opt/home/user/logs/pdns.log" perm(0644)); }; log { source(src); filter(f_dyson); destination(dyson); };
Googling around indicated a possible problem with capability management, but that is turned off in my version:
# syslog-ng --version syslog-ng 3.1.1 Installer-Version: 3.1.1 Revision: ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.1#master#8747d74491eac3fdf5052194f47a68e659633ca9 Compile-Date: Jul 5 2010 13:47:02 Enable-Threads: off Enable-Debug: off Enable-GProf: off Enable-Memtrace: off Enable-Sun-STREAMS: off Enable-Sun-Door: off Enable-IPv6: on Enable-Spoof-Source: on Enable-TCP-Wrapper: on Enable-SSL: off Enable-SQL: off Enable-Linux-Caps: off Enable-Pcre: on
I tried explicitly setting the user/group for the destination file in case syslog-ng was trying to write the file with a non-privileged owner in a directory owned by root.... and also tried setting the directory permissions to 777 just in case.
Moving the destination to /var/log/pdns.log works. Of course that's not where I want the file.
Anybody have an idea of what might be going on here?
Thanks,
Bill Snow
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html