[syslog-ng] I/O error occurred while reading;
fd='4',error='Operation not permitted (1)'
syslog-ng at mattmillersf.fastmail.fm
Wed Jan 3 20:08:37 CET 2007
> "read(4, 0x55ad20, 8192) = -1 EPERM (Operation not
> This is indicative of access control restrictions. If you consider
> the file trying to be read ("/proc/kmsg") and it's permissions (only
> readable as root) it makes sense why you are getting permission errors
Okay, I see that /proc/kmsg was readable only by root. However, I don't
seem to be able to get around this. As shown below I can't seem to read
/proc/kmsg as user syslogng no matter what permissions I set:
mmiller at xpc1:~$ ls -l /var/local/chroot/syslogng/proc/kmsg
-rwxrwxrwx 1 syslogng syslogng 0 2007-01-03 18:19 /var/local/chroot/syslogng/proc/kmsg
mmiller at xpc1:~$ sudo -u syslogng cat /var/local/chroot/syslogng/proc/kmsg
cat: /var/local/chroot/syslogng/proc/kmsg: Operation not permitted
I realize that this may not strictly be a syslog-ng issue, but how can
I use syslog-ng's "-u" option for added security and still get at
> File attribute changes are failing due to only being modifiable as
> root, but being modified as user "syslogng".
Okay, so apparently the process needs CAP_CHOWN privilege so
that the 'fchown' call can succeed? I seem to be getting these
errors even if the files are already owned by the user that I specify
with syslog-ng's "-u" option. Maybe syslog-ng should first check the
owner of the files before trying to change the owner? I'm just
Also, I don't want to go to a lot of effort solely to get a clean 'strace.'
I do, though, want to avail myself of all of syslog-ng's abilities, and I
want to run as a user other than root.
More information about the syslog-ng