Hello, I'm new to syslog-ng and trying to get named pipes to work. I'm running version 2.0.2. I get the following messages in the log on start up: Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: syslog-ng starting up; version='2.0.2' Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: Error opening file for writing; filename='/var/log/netlog/sec-pipe', error='No such file or directory (2)' In my conf file I have: destination dst_sec { pipe("/var/log/netlog/sec-pipe")}; On the host I have the pipe setup as: prw-r--r-- 1 syslog-ng syslog-ng 0 Jan 12 10:05 sec-pipe The syslog-ng process is run with user 'syslog-ng'. So I added the owner and group options for the pipe command and set them to syslog-ng and that resulted in the same message. Any ideas? -- Mike Rykowski NU-IT Telecommunications and Network Services
If you log in as the syslog-ng user and echo "hello" >> /var/log/netlog/sec-pipe does that work? -----Original Message----- From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of Mike Rykowski Sent: 12 January 2009 16:26 To: syslog-ng@lists.balabit.hu Subject: [syslog-ng] Getting named pipes to work Hello, I'm new to syslog-ng and trying to get named pipes to work. I'm running version 2.0.2. I get the following messages in the log on start up: Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: syslog-ng starting up; version='2.0.2' Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: Error opening file for writing; filename='/var/log/netlog/sec-pipe', error='No such file or directory (2)' In my conf file I have: destination dst_sec { pipe("/var/log/netlog/sec-pipe")}; On the host I have the pipe setup as: prw-r--r-- 1 syslog-ng syslog-ng 0 Jan 12 10:05 sec-pipe The syslog-ng process is run with user 'syslog-ng'. So I added the owner and group options for the pipe command and set them to syslog-ng and that resulted in the same message. Any ideas? -- Mike Rykowski NU-IT Telecommunications and Network Services ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
On Mon, 2009-01-12 at 10:25 -0600, Mike Rykowski wrote:
Hello,
I'm new to syslog-ng and trying to get named pipes to work. I'm running version 2.0.2. I get the following messages in the log on start up:
Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: syslog-ng starting up; version='2.0.2' Jan 12 10:09:02 netlog-e0 netlog syslog-ng[11791]: Error opening file for writing; filename='/var/log/netlog/sec-pipe', error='No such file or directory (2)'
In my conf file I have:
destination dst_sec { pipe("/var/log/netlog/sec-pipe")};
On the host I have the pipe setup as:
prw-r--r-- 1 syslog-ng syslog-ng 0 Jan 12 10:05 sec-pipe
The syslog-ng process is run with user 'syslog-ng'. So I added the owner and group options for the pipe command and set them to syslog-ng and that resulted in the same message.
Hmm... do you happen to use chroot? Because that might influence the paths. Also, try running syslog-ng under strace and see how it tries to open the pipe. If you have chroot related problems, please try the new 3.0 version of syslog-ng, that works much better with chroots and non-root usage. -- Bazsi
On Mon, 2009-01-12 at 20:17 +0000, Balazs Scheidler wrote:
Hmm... do you happen to use chroot? Because that might influence the paths.
Yes, here is how syslog-ng is run: syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid - C /var/log/netlog -u syslog-ng -- Mike Rykowski NU-IT Telecommunications and Network Services
Hi,
On Mon, 2009-01-12 at 20:17 +0000, Balazs Scheidler wrote:
Hmm... do you happen to use chroot? Because that might influence the paths.
Yes, here is how syslog-ng is run:
syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid - C /var/log/netlog -u syslog-ng
AppArmor? SElinux? These could cause issues just like you described. Regards, Sandor -------------------------------------------------------- NOTICE: If received in error, please destroy and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error.
On Mon, 2009-01-12 at 14:24 -0600, Mike Rykowski wrote:
On Mon, 2009-01-12 at 20:17 +0000, Balazs Scheidler wrote:
Hmm... do you happen to use chroot? Because that might influence the paths.
Yes, here is how syslog-ng is run:
syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid - C /var/log/netlog -u syslog-ng
Well, anything before 3.0 initialized the configuration _before_ chroot was in effect, thus the name of the files should be relative to the system root, and not inside the chroot. However in this case configuration file reload does not work, as the SIGHUP is processed when syslog-ng is already inside the chroot. In 3.0, I've changed this to be more consistent: the initial configuration is also loaded when the chroot is already in effect. If you'd like to use chroots, I'd recommend to use at least 3.0 -- Bazsi
On Tue, 2009-01-13 at 13:39 +0100, Balazs Scheidler wrote:
On Mon, 2009-01-12 at 14:24 -0600, Mike Rykowski wrote:
On Mon, 2009-01-12 at 20:17 +0000, Balazs Scheidler wrote:
Hmm... do you happen to use chroot? Because that might influence the paths.
Yes, here is how syslog-ng is run:
syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid - C /var/log/netlog -u syslog-ng
Well, anything before 3.0 initialized the configuration _before_ chroot was in effect, thus the name of the files should be relative to the system root, and not inside the chroot. However in this case configuration file reload does not work, as the SIGHUP is processed when syslog-ng is already inside the chroot.
In 3.0, I've changed this to be more consistent: the initial configuration is also loaded when the chroot is already in effect. If you'd like to use chroots, I'd recommend to use at least 3.0
I changed the destination to just the file name since it is in the chroot and the pipe works now (destination dst_sec { pipe("sec-pipe");). I'll heed the advice to upgrade to 3.0 though. Thanks for your help. -- Mike Rykowski NU-IT Telecommunications and Network Services
participants (4)
-
Balazs Scheidler
-
Fegan, Joe
-
Geller, Sandor (IT)
-
Mike Rykowski