[syslog-ng] [Bug 99] New: syslog-ng unable to write to files owned by another user and not world writable

Patrick H. syslogng at feystorm.net
Tue Dec 7 15:58:41 CET 2010


What user is syslog-ng running as? I'm guessing that whatever init 
script your distro uses is performing a setuid when launching syslog-ng
"Permission denied (13)" is a error code given by the OS, not syslog-ng. 
Meaning that there is nothing in the syslog-ng code that is able to fix 
this.

-Patrick

Sent: Tue Dec 07 2010 05:26:11 GMT-0700 (Mountain Standard Time)
From: bugzilla at bugzilla.balabit.com
To: syslog-ng at lists.balabit.hu
Subject: [syslog-ng] [Bug 99] New: syslog-ng unable to write to files 
owned by another user and not world writable
> https://bugzilla.balabit.com/show_bug.cgi?id=99
>
>            Summary: syslog-ng unable to write to files owned by another user
>                     and not world writable
>            Product: syslog-ng
>            Version: 3.1.x
>           Platform: PC
>         OS/Version: Linux
>             Status: NEW
>           Severity: minor
>           Priority: unspecified
>          Component: syslog-ng
>         AssignedTo: bazsi at balabit.hu
>         ReportedBy: mimosinnet at ningunlugar.org
> Type of the Report: bug
>    Estimated Hours: 0.0
>
>
> I used to have a new destination that logged messages into a file owned by a certain user. This worked in syslog-ng-3.0.4:
>
> destination problem     { file("/var/log/problem.log" owner("o3o") group("users")); };
>
> # ls -lisah problem.log
> 6268890 920K -rw------- 1 o3o users 915K  7 des 12:52 problem.log
>
> After upgrading to syslog-ng-3.1.1, I get the following message:
>
> Dec  7 12:52:37 o3o syslog-ng[12594]: Error opening file for writing; filename='/var/log/problem.log', error='Permission denied (13)'
> Dec  7 12:52:37 o3o syslog-ng[12594]: syslog-ng internal() messages are looping back, preventing loop by suppressing further messages; recurse_count='2'
>
> I can write to the file as the o3o user (i.e. echo "test" >> /var/log/problem.log).
>
> I have tried to put the file in the home directory with the same result:
>
> destination problem   { file("/home/o3o/problem.log" owner("o3o") group("users")); };
>
> I had to give world permissions to the file for syslog-ng to be able to write to it:
>
> destination problem     { file("/var/log/problem.log" owner("o3o") group("users") perm(0622)); };
>
> The file should only be writable for the specific user.
>
> This seems similar to this other bug: https://bugzilla.balabit.com/show_bug.cgi?id=52
>
> Thanks for the attention!
>
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20101207/81da4b8e/attachment.htm 


More information about the syslog-ng mailing list