Hi,

David: thanks - got it working with permission dropping, by far my preferred configuration... just didn't know of it...:-) !

Rainer: please let us know if the debug info of the "permission dropping: hang+timeout" I sent you can solve anything... anyway it works now - but not optimal if other people have to service my setup...:-) !

Thanks in advance :-) !
~maymann

2012/2/1 <[email protected]>

> On Tue, 31 Jan 2012, Michael Maymann wrote:
>
>> Hi,
>>
>> I have now set up a 6.3.6-devel rsyslog server that is working fine running
>> as root.
>> I would like to run it as non-root user as my logfiles are located on NFS
>> (and root export of NFS is generally not a good idea !).
>>
>> Here is my rsyslog.conf:
>> #LOAD MODULES
>> $ModLoad imudp
>> $UDPServerRun 514
>> $UDPServerAddress 127.0.0.1
>> $ModLoad imtcp
>> $InputTCPServerRun 514
>> #SET DESTINATION FOR LOGS
>> $template DYNmessages,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_messages"
>> $template DYNsecure,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_secure"
>> $template DYNmaillog,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_maillog"
>> $template DYNcron,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_cron"
>> $template DYNspooler,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_spooler"
>> $template DYNboot,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_boot.log"
>> $template DYNtraps,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_traps"
>> #SET LOGGING CONDITIONS
>> if $syslogseverity <= '6' then ?DYNmessages
>> if $syslogfacility-text == 'authpriv' then ?DYNsecure
>> if $syslogfacility-text == 'mail' then ?DYNmaillog
>> if $syslogfacility-text == 'cron' then ?DYNcron
>> if $syslogseverity-text == 'crit' then ?DYNspooler
>> if $syslogfacility-text == 'local7' then ?DYNboot
>> if $syslogfacility-text == 'local6' and $syslogseverity-text == 'WARNING' then ?DYNtraps
>>
>> Here is my logfile when I try to start rsyslog as a non-root user:
>> 2012-01-31T15:45:52.997693+02:00 <hostname> rsyslogd: [origin software="rsyslogd" swVersion="6.3.6" x-pid="26185" x-info="http://www.rsyslog.com"] start
>> 2012-01-31T15:45:52.997294+02:00 <hostname> rsyslogd: bind: Permission denied
>> 2012-01-31T15:45:52.997369+02:00 <hostname> rsyslogd: bind: Permission denied
>> 2012-01-31T15:45:52.997374+02:00 <hostname> rsyslogd: No UDP listen socket could successfully be initialized, message reception via UDP disabled.
>> 2012-01-31T15:45:52.997376+02:00 <hostname> rsyslogd: imudp: no listeners could be started, input not activated.
>> 2012-01-31T15:45:52.997379+02:00 <hostname> rsyslogd3: activation of module imudp failed [try http://www.rsyslog.com/e/-3 ]
>> 2012-01-31T15:45:52.997643+02:00 <hostname> rsyslogd-2077: Could not create tcp listener, ignoring port 514. [try http://www.rsyslog.com/e/2077 ]
>>
>> So permissions to bind and sockets seem to be the problem...
>
> yes, you cannot bind to ports <1024 as a normal user (without making some
> other non-standard changes through sysctl)
>
>> 1. Is it possible to make rsyslog write logfiles as a non-root user - if
>> yes: how ?
>
> permission drop features
>
>> 2a. Is it possible to add permissions for non-root user to run rsyslog
>> server - if yes: how ?
>
> pick a listening port > 1024 and it should work.
>
>> 2b. How do I start rsyslog during boot as non-root user - can chkconfig do
>> this ? do I need to edit /etc/init.d/rsyslog - if yes: how ?
>
> su can run a command as a different user.
>
> although as Rainer points out, you may just be looking for the permission
> dropping features that are already in rsyslog.
>
> David Lang

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
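
The outcomes discussed in this thread, as an added example that is not part of the original messages or of rsyslog itself: a small Python check that reads the listener and privilege-drop directives from a legacy-format rsyslog.conf and reports what a given start UID leads to. The `$PrivDropToUser`/`$PrivDropToGroup` lines and the `rsyslog` account name in the sample are assumptions, since the thread does not show the final working config.

```python
import re

# Constructed sample: the listener lines from the config posted in the thread.
CONF_AS_POSTED = """\
#LOAD MODULES
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
"""
# Same listeners plus rsyslog's privilege-drop directives.
# The account name "rsyslog" is an assumption for this example.
CONF_WITH_DROP = CONF_AS_POSTED + "$PrivDropToUser rsyslog\n$PrivDropToGroup rsyslog\n"

DIRECTIVE = re.compile(r"^[ \t]*\$(\w+)[ \t]+(\S+)", re.MULTILINE)
LISTENERS = {"udpserverrun", "inputtcpserverrun"}
DROPS = {"privdroptouser", "privdroptouserid"}

MESSAGES = {
    "bind-denied": "non-root start with a listener below port 1024: bind() is refused",
    "stays-root": "root start without a privilege drop: log files are written as uid 0",
}


def audit(conf_text, start_uid):
    """Return finding codes for starting rsyslogd with conf_text as start_uid."""
    low_ports, drops = [], False
    for name, value in DIRECTIVE.findall(conf_text):
        name = name.lower()  # this checker compares directive names case-insensitively
        if name in LISTENERS and value.isdigit() and int(value) < 1024:
            low_ports.append(int(value))
        elif name in DROPS:
            drops = True
    findings = []
    if low_ports and start_uid != 0:
        # The case in the posted log: "bind: Permission denied" on port 514.
        findings.append("bind-denied")
    if start_uid == 0 and not drops:
        # Binding works, but the daemon keeps root, which a root-squashed
        # NFS export will not honour for file writes.
        findings.append("stays-root")
    return findings


if __name__ == "__main__":
    for label, conf, uid in [("as posted, uid 1000", CONF_AS_POSTED, 1000),
                             ("as posted, uid 0", CONF_AS_POSTED, 0),
                             ("with drop, uid 0", CONF_WITH_DROP, 0)]:
        found = audit(conf, uid)
        print(label, "->", [MESSAGES[f] for f in found] or "no findings")
```

The log directory on the NFS export still has to be writable by the account the daemon drops to; the check above does not look at file permissions.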

