[syslog-ng] running as non-root doesn't get kernel log

Hari Sekhon hpsekhon at googlemail.com
Mon Jan 29 16:23:10 CET 2007


then the question is does it fail to open the /var/log/kernel/log file 
before or after dropping root privs and can you solve this by granting 
the "logger" group the privs on the files?


-h

Hari Sekhon



Carlos Carvalho wrote:
> SZALAY Attila (sasa at pheniscidae.tvnetwork.hu) wrote on 29 January 2007 15:37:
>  >On Mon, 2007-01-29 at 09:37 -0200, Carlos Carvalho wrote:
>  >> I'm trying to run syslog-ng 2.0.0 as a user that's not root via the -u
>  >> option. The problem is that it doesn't get the kernel log. Tracking
>  >> with strace shows that it doesn't open the kernel destination file. I
>  >
>  >The question is that syslog-ng try to open kernel _source_ file or not?
>  >(The kernel source file is /proc/kmsg) If syslog-ng doesn't have the
>  >right to open (or read when SELinux is installed) this socket than it
>  >cannot read the log messages.
>
> It does open /proc/kmsg:
>
> open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY|O_LARGEFILE) = 5
>
> It doesn't open /var/log/kernel/log (the file configured as destination).
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
>   


More information about the syslog-ng mailing list