[syslog-ng] [Bug 209] New: @include can silently fail

[bugzilla at bugzilla.balabit.com]

https://bugzilla.balabit.com/show_bug.cgi?id=209

           Summary: @include can silently fail
           Product: syslog-ng
           Version: 3.3.x
          Platform: All
        OS/Version: All
            Status: ASSIGNED
          Severity: major
          Priority: unspecified
         Component: syslog-ng
        AssignedTo: algernon at balabit.hu
        ReportedBy: algernon at balabit.hu
Type of the Report: ---
   Estimated Hours: 0.0


With the glob-based @includes, we can silently ignore files that could not be opened, which can very well hide problems.

Case in point:
 /etc/syslog-ng/conf.d/ with 0750 mode and a single file within it, syslog-ng.conf has @include "/etc/syslog-ng/conf.d/some-file.conf"

In this case, we never see some-file.conf being tried, even though it is explicitly included (it still goes through the glob code), and glob() returns
GLOB_NOMATCH, with errno set to EPERM. In this case, we should abort.

An @include should only succeed if there was nothing to include (in case of a globby include), or if everything went well. That we can't read a file, is an
error, and should be treated as such.

(Via Yorick Peterse on twitter)


-- 
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.