I can only help you with that part if you point me to why exactly the script
claims what it does. So you may want to try to find someone who can do that. I
know this is probably a trivial question, but I don't know anything ;)

Sry, rainer

> -----Original Message-----
> From: [email protected] [mailto:rsyslog-
> [email protected]] On Behalf Of Michael Maymann
> Sent: Thursday, February 02, 2012 10:03 AM
> To: rsyslog-users
> Subject: Re: [rsyslog] rsyslog as non-root user
> 
> Here is my startup script... only thing changed is the path to the new
> 6.3.6-rsyslog-devel binary.
> The startup script also works perfectly when I comment out the
> PrivDropToUser+PrivDropToGroup in /etc/rsyslog.conf - but fails if I have
> both or one of the entries...:
> #!/bin/bash
> #
> # rsyslog        Starts rsyslogd/rklogd.
> #
> #
> # chkconfig: 2345 12 88
> # description: Syslog is the facility by which many daemons use to log \
> # messages to various system log files.  It is a good idea to always \
> # run rsyslog.
> ### BEGIN INIT INFO
> # Provides: $syslog
> # Required-Start: $local_fs
> # Required-Stop: $local_fs
> # Default-Start:  2 3 4 5
> # Default-Stop: 0 1 6
> # Short-Description: Enhanced system logging and kernel message trapping daemons
> # Description: Rsyslog is an enhanced multi-threaded syslogd supporting,
> #              among others, MySQL, syslog/tcp, RFC 3195, permitted
> #              sender lists, filtering on any message part, and fine
> #              grain output format control.
> ### END INIT INFO
> 
> # Source function library.
> . /etc/init.d/functions
> 
> RETVAL=0
> PIDFILE=/var/run/syslogd.pid
> 
> prog=rsyslogd
> #exec=/sbin/rsyslogd
> exec=/usr/sbin/rsyslogd
> lockfile=/var/lock/subsys/$prog
> 
> start() {
>         [ -x $exec ] || exit 5
> 
>         # Source config
>         if [ -f /etc/sysconfig/rsyslog ] ; then
>                 . /etc/sysconfig/rsyslog
>         fi
>         umask 077
> 
>         echo -n $"Starting system logger: "
>         daemon --pidfile="${PIDFILE}" $exec $SYSLOGD_OPTIONS
>         RETVAL=$?
>         echo
>         [ $RETVAL -eq 0 ] && touch $lockfile
>         return $RETVAL
> }
> stop() {
>         echo -n $"Shutting down system logger: "
>         killproc $prog
>         RETVAL=$?
>         echo
>         [ $RETVAL -eq 0 ] && rm -f $lockfile
>         return $RETVAL
> }
> reload()  {
>     RETVAL=1
>     syslog=$(cat "${PIDFILE}" 2>/dev/null)
>     echo -n "Reloading system logger..."
>     if [ -n "${syslog}" ] && [ -e /proc/"${syslog}" ]; then
>         kill -HUP "$syslog";
>         RETVAL=$?
>     fi
>     if [ $RETVAL -ne 0 ]; then
>         failure
>     else
>         success
>     fi
>     echo
>     return $RETVAL
> }
> rhstatus() {
>         status -p "${PIDFILE}" $prog
> }
> restart() {
>         stop
>         start
> }
> 
> case "$1" in
>   start)
>         start
>         ;;
>   stop)
>         stop
>         ;;
>   restart)
>         restart
>         ;;
>   reload|force-reload)
>         reload
>         ;;
>   status)
>         rhstatus
>         ;;
>   condrestart|try-restart)
>         rhstatus >/dev/null 2>&1 || exit 0
>         restart
>         ;;
>   *)
>         echo $"Usage: $0 {start|stop|restart|condrestart|try-restart|reload|force-reload|status}"
>         exit 2
> esac
> 
> exit $?
> 
> 2012/2/2 Rainer Gerhards <[email protected]>
> 
> >
> >
> > > -----Original Message-----
> > > From: [email protected] [mailto:rsyslog-
> > > [email protected]] On Behalf Of Michael Maymann
> > > Sent: Wednesday, February 01, 2012 9:08 AM
> > > To: rsyslog-users
> > > Subject: Re: [rsyslog] rsyslog as non-root user
> > >
> > > Hi,
> > >
> > > David: thanks - got it working with permission dropping, by far my
> > > preferred configuration... just didn't know of it...:-) !
> > > Rainer: please let us know if the debug info of the "permission dropping:
> > > hang+timeout" I sent you can solve anything... anyway it works now - but
> > > not optimal if other people have to service my setup...:-) !
> >
> > I have reviewed the debug log and I see nothing unexpected. From the
> > timestamps I also see that there is no hang whatsoever. So it looks like
> > there is some problem with the startup script, which I don't know. I suggest
> > to ask what the FAILED status is caused by. We can then look why this
> > happens.
> >
> > Sorry I have no better answer...
> > Rainer
> >
> > >
> > > Thanks in advance :-) !
> > > ~maymann
> > >
> > > 2012/2/1 <[email protected]>
> > >
> > > > On Tue, 31 Jan 2012, Michael Maymann wrote:
> > > >
> > > > >> Hi,
> > > > >>
> > > > >> I have now set up a 6.3.6-devel rsyslog server that is working fine running
> > > > >> as root.
> > > > >> I would like to run it as non-root user as my logfiles are located on NFS
> > > > >> (and root export of NFS is generally not a good idea !).
> > > > >>
> > > > >> Here is my rsyslog.conf:
> > > > >> #LOAD MODULES
> > > > >> $ModLoad imudp
> > > > >> $UDPServerRun 514
> > > > >> $UDPServerAddress 127.0.0.1
> > > > >> $ModLoad imtcp
> > > > >> $InputTCPServerRun 514
> > > > >> #SET DESTINATION FOR LOGS
> > > > >> $template DYNmessages,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_messages"
> > > > >> $template DYNsecure,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_secure"
> > > > >> $template DYNmaillog,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_maillog"
> > > > >> $template DYNcron,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_cron"
> > > > >> $template DYNspooler,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_spooler"
> > > > >> $template DYNboot,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_boot.log"
> > > > >> $template DYNtraps,"<PATH_TO>/%FROMHOST%/%FROMHOST%_%$YEAR%.%$MONTH%_traps"
> > > > >> #SET LOGGING CONDITIONS
> > > > >> if $syslogseverity <= '6' then ?DYNmessages
> > > > >> if $syslogfacility-text == 'authpriv' then ?DYNsecure
> > > > >> if $syslogfacility-text == 'mail' then ?DYNmaillog
> > > > >> if $syslogfacility-text == 'cron' then ?DYNcron
> > > > >> if $syslogseverity-text == 'crit' then ?DYNspooler
> > > > >> if $syslogfacility-text == 'local7' then ?DYNboot
> > > > >> if $syslogfacility-text == 'local6' and $syslogseverity-text == 'WARNING' then ?DYNtraps
> > > > >>
> > > > >> Here is my logfile when I try to start rsyslog as a non-root user:
> > > > >> 2012-01-31T15:45:52.997693+02:00 <hostname> rsyslogd: [origin software="rsyslogd" swVersion="6.3.6" x-pid="26185" x-info="http://www.rsyslog.com";] start
> > > > >> 2012-01-31T15:45:52.997294+02:00 <hostname> rsyslogd: bind: Permission denied
> > > > >> 2012-01-31T15:45:52.997369+02:00 <hostname> rsyslogd: bind: Permission denied
> > > > >> 2012-01-31T15:45:52.997374+02:00 <hostname> rsyslogd: No UDP listen socket could successfully be initialized, message reception via UDP disabled.
> > > > >> 2012-01-31T15:45:52.997376+02:00 <hostname> rsyslogd: imudp: no listeners could be started, input not activated.
> > > > >> 2012-01-31T15:45:52.997379+02:00 <hostname> rsyslogd3: activation of module imudp failed [try http://www.rsyslog.com/e/-3 ]
> > > > >> 2012-01-31T15:45:52.997643+02:00 <hostname> rsyslogd-2077: Could not create tcp listener, ignoring port 514. [try http://www.rsyslog.com/e/2077 ]
> > > > >>
> > > > >> So permissions to bind and sockets seems to be the problem...
> > > > >>
> > > > >
> > > > > yes, you cannot bind to ports <1024 as a normal user (without making some
> > > > > other non-standard changes through sysctl)
> > > > >
> > > > >
> > > > >> 1. Is it possible to make rsyslog write logfiles as a non-root user - if
> > > > >> yes: how ?
> > > > >>
> > > > >
> > > > > permission drop features
> > > > >
> > > > >
> > > > >> 2a. Is it possible to add permissions for non-root user to run rsyslog
> > > > >> server - if yes: how ?
> > > > >>
> > > > >
> > > > > pick a listening port > 1024 and it should work.
> > > > >
> > > > >
> > > > >> 2b. How do I start rsyslog during boot as non-root user - can chkconfig do
> > > > >> this ? do I need to edit /etc/init.d/rsyslog - if yes: how ?
> > > > >>
> > > > >
> > > > > su can run a command as a different user.
> > > > >
> > > > > although as Rainer points out, you may just be looking for the permission
> > > > > dropping features that are already in rsyslog.
> > > > >
> > > > > David Lang
> > > >
> > > > > _______________________________________________
> > > > > rsyslog mailing list
> > > > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > > > > http://www.rsyslog.com/professional-services/
> > > >
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
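
The two start-up cases discussed in this thread (started as a non-root user with listeners on port 514, versus started as root with PrivDropToUser/PrivDropToGroup), as an added example that is not part of the original messages: a shell function that reads legacy-format rsyslog.conf text and reports which listeners can bind for a given start uid. The function names, the sample input and the account name `rsyslog` are assumptions made for illustration.

```shell
# Added example (not from the thread): audit legacy-format rsyslog.conf text
# for the two start-up cases discussed above.
# Usage: audit_rsyslog_conf START_UID < rsyslog.conf
# Returns 1 when a configured listener cannot bind for that start uid.
audit_rsyslog_conf() {
    awk -v uid="$1" '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        { d = tolower($1) }                          # match directive names case-insensitively
        d == "$udpserverrun"      { proto[++n] = "udp"; port[n] = $2 }
        d == "$inputtcpserverrun" { proto[++n] = "tcp"; port[n] = $2 }
        d == "$privdroptouser"    { user = $2 }
        d == "$privdroptogroup"   { group = $2 }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                if (port[i] + 0 < 1024 && uid + 0 != 0) {
                    printf "FAIL %s/%s: ports below 1024 need root at bind time\n", proto[i], port[i]
                    bad = 1
                } else
                    printf "OK %s/%s\n", proto[i], port[i]
            }
            if (uid + 0 == 0 && user == "")
                print "WARN started as root without $PrivDropToUser: daemon stays uid 0"
            if (uid + 0 == 0 && user != "")
                printf "INFO drops to user=%s group=%s after startup\n", user, (group == "" ? "(unset)" : group)
            exit bad
        }'
}

# Constructed sample: the listener lines from the configuration quoted above.
sample_conf() {
    cat <<'EOF'
$ModLoad imudp
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
$ModLoad imtcp
$InputTCPServerRun 514
EOF
}

# Constructed drop directives; the account name "rsyslog" is a placeholder.
sample_conf_privdrop() {
    sample_conf
    printf '%s\n' '$PrivDropToUser rsyslog' '$PrivDropToGroup rsyslog'
}

sample_conf | audit_rsyslog_conf 1000 || true    # started as a non-root user
sample_conf_privdrop | audit_rsyslog_conf 0      # started as root, then drops
```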
