More on syslog-ng changing ownership and perms of source file
I added the line: | file_dir_perm_option to the source_affile_option in ./modules/affile/affile-grammar.y:419 would allow setting ownership and permissions on source files (or opting for no-change) This would gave: source_affile_option : KW_FOLLOW_FREQ '(' LL_FLOAT ')' { affile_sd_set_follow_freq(last_driver, (long) ($3 * 1000)); } | KW_FOLLOW_FREQ '(' LL_NUMBER ')' { affile_sd_set_follow_freq(last_driver, ($3 * 1000)); } | KW_PAD_SIZE '(' LL_NUMBER ')' { ((AFFileSourceDriver *) last_driver)->pad_size = $3; } | file_dir_perm_option | multi_line_option | source_reader_option ; I did this with the syslog-ng.3.6.4 source and it now does the following: The owner group and permissions are changed only if the file source line specifies a value (not -1) for one of these items. In other words, it does not use any default value from the configuration, it simply leaves things as it found them. -- Jim Segrave jes@j-e-s.net
Hi Jim, Thanks a lot for your quick answer, It works fine in my situation, Regards Alain -----Message d'origine----- De : syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu] De la part de Jim Segrave Envoyé : mercredi 29 novembre 2017 15:01 À : syslog-ng@lists.balabit.hu Objet : [syslog-ng] More on syslog-ng changing ownership and perms of source file I added the line: | file_dir_perm_option to the source_affile_option in ./modules/affile/affile-grammar.y:419 would allow setting ownership and permissions on source files (or opting for no-change) This would gave: source_affile_option : KW_FOLLOW_FREQ '(' LL_FLOAT ')' { affile_sd_set_follow_freq(last_driver, (long) ($3 * 1000)); } | KW_FOLLOW_FREQ '(' LL_NUMBER ')' { affile_sd_set_follow_freq(last_driver, ($3 * 1000)); } | KW_PAD_SIZE '(' LL_NUMBER ')' { ((AFFileSourceDriver *) last_driver)->pad_size = $3; } | file_dir_perm_option | multi_line_option | source_reader_option ; I did this with the syslog-ng.3.6.4 source and it now does the following: The owner group and permissions are changed only if the file source line specifies a value (not -1) for one of these items. In other words, it does not use any default value from the configuration, it simply leaves things as it found them. -- Jim Segrave jes@j-e-s.net ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
hi, I've just posted a pull request that I didn't have time to test: can you pls test if this fixes the issue for you? https://github.com/balabit/syslog-ng/pull/1782 -- Bazsi On Wed, Nov 29, 2017 at 6:51 AM, <alain.villefranque@orange.com> wrote:
Hi Jim,
Thanks a lot for your quick answer, It works fine in my situation,
Regards
Alain
-----Message d'origine----- De : syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu] De la part de Jim Segrave Envoyé : mercredi 29 novembre 2017 15:01 À : syslog-ng@lists.balabit.hu Objet : [syslog-ng] More on syslog-ng changing ownership and perms of source file
I added the line:
| file_dir_perm_option
to the source_affile_option in ./modules/affile/affile-grammar.y:419 would allow setting ownership and permissions on source files (or opting for no-change)
This would gave:
source_affile_option : KW_FOLLOW_FREQ '(' LL_FLOAT ')' { affile_sd_set_follow_freq(last_driver, (long) ($3 * 1000)); } | KW_FOLLOW_FREQ '(' LL_NUMBER ')' { affile_sd_set_follow_freq(last_driver, ($3 * 1000)); } | KW_PAD_SIZE '(' LL_NUMBER ')' { ((AFFileSourceDriver *) last_driver)->pad_size = $3; } | file_dir_perm_option | multi_line_option | source_reader_option ;
I did this with the syslog-ng.3.6.4 source and it now does the following:
The owner group and permissions are changed only if the file source line specifies a value (not -1) for one of these items. In other words, it does not use any default value from the configuration, it simply leaves things as it found them.
-- Jim Segrave jes@j-e-s.net
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
____________________________________________________________ _____________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi Bazsi, I’m sorry, but I’m only a syslog-ng user and have no skill in development, so I cannot check the fix…. Regards Alain De : syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu] De la part de Scheidler, Balázs Envoyé : jeudi 30 novembre 2017 00:42 À : Syslog-ng users' and developers' mailing list Objet : Re: [syslog-ng] More on syslog-ng changing ownership and perms of source file hi, I've just posted a pull request that I didn't have time to test: can you pls test if this fixes the issue for you? https://github.com/balabit/syslog-ng/pull/1782 -- Bazsi On Wed, Nov 29, 2017 at 6:51 AM, <alain.villefranque@orange.com<mailto:alain.villefranque@orange.com>> wrote: Hi Jim, Thanks a lot for your quick answer, It works fine in my situation, Regards Alain -----Message d'origine----- De : syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>] De la part de Jim Segrave Envoyé : mercredi 29 novembre 2017 15:01 À : syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> Objet : [syslog-ng] More on syslog-ng changing ownership and perms of source file I added the line: | file_dir_perm_option to the source_affile_option in ./modules/affile/affile-grammar.y:419 would allow setting ownership and permissions on source files (or opting for no-change) This would gave: source_affile_option : KW_FOLLOW_FREQ '(' LL_FLOAT ')' { affile_sd_set_follow_freq(last_driver, (long) ($3 * 1000)); } | KW_FOLLOW_FREQ '(' LL_NUMBER ')' { affile_sd_set_follow_freq(last_driver, ($3 * 1000)); } | KW_PAD_SIZE '(' LL_NUMBER ')' { ((AFFileSourceDriver *) last_driver)->pad_size = $3; } | file_dir_perm_option | multi_line_option | source_reader_option ; I did this with the syslog-ng.3.6.4 source and it now does the following: The owner group and permissions are changed only if the file source line specifies a value (not -1) for one of these items. In other words, it does not use any default value from the configuration, it simply leaves things as it found them. -- Jim Segrave jes@j-e-s.net<mailto:jes@j-e-s.net> ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
participants (3)
-
alain.villefranque@orange.com
-
Jim Segrave
-
Scheidler, Balázs