Permission Denied (13)
Hi, we are using SLES 11 We are trying to read a tailing file and send it to the server syslog-ng.conf (on client 192.168.18.10 some-host) #syslog-ng.conf options { long_hostnames(off); sync(1); perm(0640); stats(3600); }; source s_mysrc{ file("/some/file.log" ); }; destination d_mydest { tcp("192.168.18.7" port(5140)); }; log { source(s_mysrc); destination(d_mydest); }; #syslog-ng.conf ends syslog-ng.conf (on Server 192.168.18.7) #syslog-ng.conf options { long_hostnames(off); sync(0); perm(0640); stats(3600); }; source s_mysrc{ tcp(ip("192.168.18.7") port(5140) keep-alive(yes)); }; destination d_mydest { file ("/var/log/hosts/$YEAR-$MONTH/$HOST/$FACILITY-$YEAR-$MONTH-$DAY" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes) ); }; log { source(s_mysrc); destination(d_mydest); }; #syslog-ng.conf ends When I start the service at client, I'm getting the following error Starting syslog servicesError opening file for reading; filename='/some/file.log', error='Permission denied (13)' Error initializing source driver; source='s_mysrc' startproc: exit status of parent of /sbin/syslog-ng: 2 The file /some/file.log has -rw-rw-rw- permissions When I modify the source driver to ... file("/some/file.log" follow_freq(1)); I'm able to start the syslog service, but I don't see anything on the server (192.162.18.7) at /var/log/hosts/2011-03/some-host/ Please help Thanks and regards, Hidayath Saven Technologies: A leader in technology driven business solutions ---------------------------------------------------------------------------- ----------------------------------- #302, 3rd Floor, MyHome Sarovar Plaza, Hyderabad- 500 063, India Off: +91 040 23237303/7304 ext 115 email: hidayath.basha@saventech.com | www.saventech.com follow me: http://twitter.com/hidayath26 ---------------------------------------------------------------------------- -----------------------------------
Hello, On 03/03/2011 02:28 PM, Hidayath Basha wrote:
When I start the service at client, I'm getting the following error Starting syslog servicesError opening file for reading; filename='/some/file.log', error='Permission denied (13)' Error initializing source driver; source='s_mysrc' startproc: exit status of parent of /sbin/syslog-ng: 2
The file /some/file.log has -rw-rw-rw- permissions
You should try to disable AppArmor (rcapparmor stop), and if it helps, then add the file to /etc/apparmor.d/sbin.syslog-ng Bye, -- Peter Czanik (CzP) <czanik@balabit.hu> BalaBit IT Security / syslog-ng upstream http://czanik.blogs.balabit.com/
Hi Peter, Thanks, disabling apparmor really worked. Thank you very much Thanks and regards, Hidayath -----Original Message----- From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu]On Behalf Of Peter Czanik Sent: Thursday, March 03, 2011 7:06 PM To: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] Permission Denied (13) Hello, On 03/03/2011 02:28 PM, Hidayath Basha wrote: When I start the service at client, I'm getting the following error Starting syslog servicesError opening file for reading; filename='/some/file.log', error='Permission denied (13)' Error initializing source driver; source='s_mysrc' startproc: exit status of parent of /sbin/syslog-ng: 2 The file /some/file.log has -rw-rw-rw- permissions You should try to disable AppArmor (rcapparmor stop), and if it helps, then add the file to /etc/apparmor.d/sbin.syslog-ng Bye, -- Peter Czanik (CzP) <czanik@balabit.hu> BalaBit IT Security / syslog-ng upstream http://czanik.blogs.balabit.com/
Hello, On 03/04/2011 07:43 AM, Hidayath Basha wrote:
Hi Peter,
Thanks, disabling apparmor really worked. Thank you very much Disabling apparmor is just a workaround. The solution is to add the files to AppArmor. If you read from the file, then a line like this to /etc/apparmor.d/sbin.syslog-ng: /some/file.log r, If it's a destination outside of /var/log, then a line like this: /some/file.dest rw, This way your applications are still protected by AppArmor, but syslog-ng can reach files outside of /var/log Bye, CzP
Thanks and regards, *Hidayath* **
-----Original Message----- *From:* syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu]*On Behalf Of *Peter Czanik *Sent:* Thursday, March 03, 2011 7:06 PM *To:* Syslog-ng users' and developers' mailing list *Subject:* Re: [syslog-ng] Permission Denied (13)
Hello,
On 03/03/2011 02:28 PM, Hidayath Basha wrote:
When I start the service at client, I'm getting the following error Starting syslog servicesError opening file for reading; filename='/some/file.log', error='Permission denied (13)' Error initializing source driver; source='s_mysrc' startproc: exit status of parent of /sbin/syslog-ng: 2
The file /some/file.log has -rw-rw-rw- permissions
You should try to disable AppArmor (rcapparmor stop), and if it helps, then add the file to /etc/apparmor.d/sbin.syslog-ng Bye,
-- Peter Czanik (CzP) <czanik@balabit.hu> BalaBit IT Security / syslog-ng upstream http://czanik.blogs.balabit.com/
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- Peter Czanik (CzP) <czanik@balabit.hu> BalaBit IT Security / syslog-ng upstream http://czanik.blogs.balabit.com/
participants (2)
-
Hidayath Basha
-
Peter Czanik