Hi, We want to monitor disk-buffer files, so we can detect if there is are some issues with the destinations. syslog-ng creates these files with permissions like this otal 360 -rw-------. 1 root root 4096 Oct 10 2019 syslog-ng-00000.qf -rw-------. 1 root root 4096 Jul 12 03:49 syslog-ng-00001.qf So, our monitor script (for zabbix) cannot stat files because it is running under user zabbix. I'm not sure how to submit a feature request nowadays, but it would be great of perm() option added to disk-buffer() Any chance? Thx L:
Hi, Just chiming in here and could be totally off the mark but this sounds like a great candidate for using built in Linux ACLs. Should be able to give the Zabbix user permissions for anything created in that directory using setfacl. Regards Soyef From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> On Behalf Of Pal, Laszlo Sent: 13 July 2020 12:24 To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: [syslog-ng] disk buffer files permissions Hi, We want to monitor disk-buffer files, so we can detect if there is are some issues with the destinations. syslog-ng creates these files with permissions like this otal 360 -rw-------. 1 root root 4096 Oct 10 2019 syslog-ng-00000.qf -rw-------. 1 root root 4096 Jul 12 03:49 syslog-ng-00001.qf So, our monitor script (for zabbix) cannot stat files because it is running under user zabbix. I'm not sure how to submit a feature request nowadays, but it would be great of perm() option added to disk-buffer() Any chance? Thx L: ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________ ********************************************************************** This email and any files transmitted with it are private and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please return it to the address it came from telling them it is not for you and then delete it from your system. This email message has been swept for computer viruses. **********************************************************************
Hi Ahmed, Than you for your suggestion. setfacl solved my permission issues :) L: On Mon, Jul 13, 2020 at 1:28 PM Ahmed Soyef <Soyef.Ahmed34@homeoffice.gov.uk> wrote:
Hi,
Just chiming in here and could be totally off the mark but this sounds like a great candidate for using built in Linux ACLs. Should be able to give the Zabbix user permissions for anything created in that directory using setfacl.
Regards
Soyef
*From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> *On Behalf Of *Pal, Laszlo *Sent:* 13 July 2020 12:24 *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] disk buffer files permissions
Hi,
We want to monitor disk-buffer files, so we can detect if there is are some issues with the destinations. syslog-ng creates these files with permissions like this
otal 360
-rw-------. 1 root root 4096 Oct 10 2019 syslog-ng-00000.qf
-rw-------. 1 root root 4096 Jul 12 03:49 syslog-ng-00001.qf
So, our monitor script (for zabbix) cannot stat files because it is running under user zabbix.
I'm not sure how to submit a feature request nowadays, but it would be great of perm() option added to disk-buffer()
Any chance?
Thx
L:
______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________ ********************************************************************** This email and any files transmitted with it are private and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please return it to the address it came from telling them it is not for you and then delete it from your system. This email message has been swept for computer viruses. **********************************************************************
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi Laci, Why don't you monitor the output of syslog-ng-ctl stats or syslog-ng-ctl query instead to see queued counters? IMHO it would be easier than checking the files, which may become corrupted and renamed, or become larger than 4KB even in cases when there are no apparent problems. (For instance if the queue file is several GB in size, but only holds a few KB of actual buffered data.) Best Regards, János -- Janos SZIGETVARI RHCE, License no. 150-053-692 <https://www.redhat.com/rhtapps/verify/?certId=150-053-692> LinkedIn: linkedin.com/in/janosszigetvari __@__˚V˚ Make the switch to open (source) applications, protocols, formats now: - windows -> Linux, iexplore -> Firefox, msoffice -> LibreOffice - msn -> jabber protocol (Pidgin, Google Talk) - mp3 -> ogg, wmv -> ogg, jpg -> png, doc/xls/ppt -> odt/ods/odp Pal, Laszlo <vlad@vlad.hu> ezt írta (időpont: 2020. júl. 13., H, 13:24):
Hi,
We want to monitor disk-buffer files, so we can detect if there is are some issues with the destinations. syslog-ng creates these files with permissions like this
otal 360 -rw-------. 1 root root 4096 Oct 10 2019 syslog-ng-00000.qf -rw-------. 1 root root 4096 Jul 12 03:49 syslog-ng-00001.qf
So, our monitor script (for zabbix) cannot stat files because it is running under user zabbix.
I'm not sure how to submit a feature request nowadays, but it would be great of perm() option added to disk-buffer()
Any chance? Thx L:
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Good point, however monitoring file sizes from Zabbix perspective is more generic an re-usable. syslog-ng-ctl solution is specific to syslog-ng Also, we will have similar permission issues there (so, we need to implement some sudo based authorization, which is obviously possible), so simple du in a bash script looked simpler :) /usr/sbin/syslog-ng-ctl stats Error connecting control socket, socket='/var/lib/syslog-ng/syslog-ng.ctl', error='Permission denied' L: On Mon, Jul 13, 2020 at 1:55 PM SZIGETVÁRI János <jszigetvari@gmail.com> wrote:
Hi Laci,
Why don't you monitor the output of syslog-ng-ctl stats or syslog-ng-ctl query instead to see queued counters? IMHO it would be easier than checking the files, which may become corrupted and renamed, or become larger than 4KB even in cases when there are no apparent problems. (For instance if the queue file is several GB in size, but only holds a few KB of actual buffered data.)
Best Regards, János -- Janos SZIGETVARI RHCE, License no. 150-053-692 <https://www.redhat.com/rhtapps/verify/?certId=150-053-692>
LinkedIn: linkedin.com/in/janosszigetvari
__@__˚V˚ Make the switch to open (source) applications, protocols, formats now: - windows -> Linux, iexplore -> Firefox, msoffice -> LibreOffice - msn -> jabber protocol (Pidgin, Google Talk) - mp3 -> ogg, wmv -> ogg, jpg -> png, doc/xls/ppt -> odt/ods/odp
Pal, Laszlo <vlad@vlad.hu> ezt írta (időpont: 2020. júl. 13., H, 13:24):
Hi,
We want to monitor disk-buffer files, so we can detect if there is are some issues with the destinations. syslog-ng creates these files with permissions like this
otal 360 -rw-------. 1 root root 4096 Oct 10 2019 syslog-ng-00000.qf -rw-------. 1 root root 4096 Jul 12 03:49 syslog-ng-00001.qf
So, our monitor script (for zabbix) cannot stat files because it is running under user zabbix.
I'm not sure how to submit a feature request nowadays, but it would be great of perm() option added to disk-buffer()
Any chance? Thx L:
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (3)
-
Ahmed Soyef
-
Pal, Laszlo
-
SZIGETVÁRI János