[syslog-ng] running as non-root doesn't get kernel log
Hari Sekhon
hpsekhon at googlemail.com
Mon Jan 29 16:23:10 CET 2007
then the question is does it fail to open the /var/log/kernel/log file
before or after dropping root privs and can you solve this by granting
the "logger" group the privs on the files?
-h
Hari Sekhon
Carlos Carvalho wrote:
> SZALAY Attila (sasa at pheniscidae.tvnetwork.hu) wrote on 29 January 2007 15:37:
> >On Mon, 2007-01-29 at 09:37 -0200, Carlos Carvalho wrote:
> >> I'm trying to run syslog-ng 2.0.0 as a user that's not root via the -u
> >> option. The problem is that it doesn't get the kernel log. Tracking
> >> with strace shows that it doesn't open the kernel destination file. I
> >
> >The question is that syslog-ng try to open kernel _source_ file or not?
> >(The kernel source file is /proc/kmsg) If syslog-ng doesn't have the
> >right to open (or read when SELinux is installed) this socket than it
> >cannot read the log messages.
>
> It does open /proc/kmsg:
>
> open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY|O_LARGEFILE) = 5
>
> It doesn't open /var/log/kernel/log (the file configured as destination).
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
>
More information about the syslog-ng
mailing list