[syslog-ng] Error opening log file for writing

Bill Snow bsnow at ca.afilias.info
Thu Oct 28 19:22:36 CEST 2010 

Yeah, one of my colleagues was kind enough to inform me about the 
installation of "apparmor" on that particular machine.  Explains a lot, 
really.

Thanks for your attention, please mock me at your leisure.

Bill Snow


On Thu, 28 Oct 2010, Bill Snow wrote:

>
> I have a openSUSE 11.3 system that I installed syslog-ng on through
> package management.  The intention of the simple config is to get it to
> write log file messages from one program (pdns) to a separate log file
> outside of /var/log.
>
> No matter what I do with the file and directory permissions, I always get
> something like:
>   syslog-ng[17864]: Error opening file for writing;
>   filename='/opt/home/user/logs/pdns.log', error='Permission
>   denied (13)'
> in the log file.
>
> syslog-ng is running as root, as follows:
>
> # ps xo pid,ppid,user,cmd | grep syslog
> 17863     1 root     supervising syslog-ng
> 17864 17863 root     /sbin/syslog-ng
>
> The special config lines in /etc/syslog-ng/syslog-ng.conf look like this:
>
> filter f_dyson      { match('^pdns'); };
> destination dyson   { file("/opt/home/user/logs/pdns.log" perm(0644)); };
> log                 { source(src); filter(f_dyson); destination(dyson); };
>
>
> Googling around indicated a possible problem with capability management,
> but that is turned off in my version:
>
> # syslog-ng --version
> syslog-ng 3.1.1
> Installer-Version: 3.1.1
> Revision:
> ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.1#master#8747d74491eac3fdf5052194f47a68e659633ca9
> Compile-Date: Jul  5 2010 13:47:02
> Enable-Threads: off
> Enable-Debug: off
> Enable-GProf: off
> Enable-Memtrace: off
> Enable-Sun-STREAMS: off
> Enable-Sun-Door: off
> Enable-IPv6: on
> Enable-Spoof-Source: on
> Enable-TCP-Wrapper: on
> Enable-SSL: off
> Enable-SQL: off
> Enable-Linux-Caps: off
> Enable-Pcre: on
>
> I tried explicitly setting the user/group for the destination file in case
> syslog-ng was trying to write the file with a non-privileged owner in a
> directory owned by root.... and also tried setting the directory
> permissions to 777 just in case.
>
>
> Moving the destination to /var/log/pdns.log works.  Of course that's not
> where I want the file.
>
>
> Anybody have an idea of what might be going on here?
>
> Thanks,
>
> Bill Snow
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>

More information about the syslog-ng mailing list