Ok, success is on the horizon. I can start syslog-ng like this: syslog-ng -d -v -f /etc/syslog-ng/syslog-ng.conf -u log -g log where "log" is an unprivileged user (with /bin/false as a shell when it's all working, to prevent logins). The config file specifies that syslog-ng writes to: /var/log/syslog-ng/local/ But the debugging output is giving "permission denied" errors. The permissions on the directories are setup like this: # ls /var drwxr-x--- 9 root root 4096 May 8 05:11 log/ # ls /var/log drwx------ 3 log log 4096 May 8 05:13 syslog-ng/ # ls /var/log/syslog-ng drwx------ 2 log log 4096 May 8 05:13 local/ So surely the user "log" and therefore syslog-ng has permission to read and write in this directory? It doesn't appear to be the case as I can $ su log and get permission denied errors whilst trying to read, write, or even cd into the directory. The permissions on /var/log need to be set as they are, however I'm guessing that this is the root of the problem (no pun intended). Can anyone suggest a fix? mark www.darklogik.org
On Sat, May 08, 2004 at 05:36:33AM +0100, mark wrote:
But the debugging output is giving "permission denied" errors. The permissions on the directories are setup like this:
# ls /var drwxr-x--- 9 root root 4096 May 8 05:11 log/
# ls /var/log drwx------ 3 log log 4096 May 8 05:13 syslog-ng/
# ls /var/log/syslog-ng drwx------ 2 log log 4096 May 8 05:13 local/
So surely the user "log" and therefore syslog-ng has permission to read and write in this directory? It doesn't appear to be the case as I can
No, the user log isn't allowed to cd through /var/log. # chmod o+x /var/log ...and you'll be fine. No offense, but I recommend a book like "Essential System Administration" to get a good understanding of UNIX file permissions. -- Nate "If you put a billion monkeys in front of a billion typewriters typing at random, they would reproduce the entire collected works of Usenet in about...five minutes." - Anonymous
On Fri, May 07, 2004 at 10:14:30PM -0700, Nate Campi wrote:
On Sat, May 08, 2004 at 05:36:33AM +0100, mark wrote:
But the debugging output is giving "permission denied" errors. The permissions on the directories are setup like this:
# ls /var drwxr-x--- 9 root root 4096 May 8 05:11 log/
# ls /var/log drwx------ 3 log log 4096 May 8 05:13 syslog-ng/
# ls /var/log/syslog-ng drwx------ 2 log log 4096 May 8 05:13 local/
So surely the user "log" and therefore syslog-ng has permission to read and write in this directory? It doesn't appear to be the case as I can
No, the user log isn't allowed to cd through /var/log.
# chmod o+x /var/log
...and you'll be fine.
No offense, but I recommend a book like "Essential System Administration" to get a good understanding of UNIX file permissions.
Heh, I own a few of them. My brain appears to be in some sort of grey area today, I don't know why it wasn't obvious straight away. :) My only excuse is that it's 6am and I haven't slept yet. Thanks, anyway. mark www.darklogik.org
-- Nate
"If you put a billion monkeys in front of a billion typewriters typing at random, they would reproduce the entire collected works of Usenet in about...five minutes." - Anonymous
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
participants (2)
-
mark
-
Nate Campi