sorry, I managed to miss that.
since dev is owned by root, why can't rsyslog create the socket in it?
try putting root in the rcynic group and changing the /var/rsynic
permissions from 700 to 720 (to allow root to cd to /var/rcynic)
David Lang
On Mon, 26 Mar 2012, Manh Do wrote:
Date: Mon, 26 Mar 2012 13:28:19 -0700
From: Manh Do <[email protected]>
Reply-To: rsyslog-users <[email protected]>
To: rsyslog-users <[email protected]>
Subject: Re: [rsyslog] Running rsyslog with chroot jail
Hello Dave,
I do have the directory /var/rcynic/dev and here are its permissions:
[root@mycentos rcynic]# pwd
/var/rcynic
[root@mycentos rcynic]# ls -al
total 44
drwx------. 8 rcynic rcynic 4096 Mar 26 09:35 .
drwxr-xr-x. 22 root root 4096 Mar 26 09:34 ..
-rw-r--r--. 1 rcynic rcynic 18 Dec 2 06:27 .bash_logout
-rw-r--r--. 1 rcynic rcynic 176 Dec 2 06:27 .bash_profile
-rw-r--r--. 1 rcynic rcynic 124 Dec 2 06:27 .bashrc
dr-xr-xr-x. 2 root root 4096 Mar 26 09:35 bin
drwxr-xr-x. 5 rcynic rcynic 4096 Mar 26 13:06 data
drwxr-xr-x. 2 root root 4096 Mar 26 09:35 dev
dr-xr-xr-x. 3 root root 4096 Mar 26 09:35 etc
dr-xr-xr-x. 2 root root 4096 Mar 26 09:35 lib64
drwxr-xr-x. 3 root root 4096 Mar 26 09:35 usr
[root@mycentos rcynic]#
Thanks,
Manh
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of [email protected]
Sent: Monday, March 26, 2012 1:17 PM
To: rsyslog-users
Subject: Re: [rsyslog] Running rsyslog with chroot jail
In your case the problem is that you don't have the directory
/var/rcynic/dev
rsyslog will create the file, but not the directory.
David Lang
On Mon, 26 Mar 2012, Manh Do wrote:
Hello David,
Thanks for the quick reply. Here are the permissions that I've set for the file
/var/rcynic
[root@mycentos var]# pwd
/var
[root@mycentos var]# ls -al
total 88
drwxr-xr-x. 22 root root 4096 Mar 26 09:34 .
dr-xr-xr-x. 25 root root 4096 Mar 23 14:19 ..
drwxr-xr-x. 2 root root 4096 Mar 16 13:40 account
drwxr-xr-x. 12 root root 4096 Mar 16 15:20 cache
drwxr-xr-x. 2 root root 4096 Dec 7 17:17 crash
drwxr-xr-x. 2 root root 4096 Feb 22 03:52 cvs
drwxr-xr-x. 3 root root 4096 Mar 16 13:40 db
drwxr-xr-x. 3 root root 4096 Mar 16 13:40 empty
drwxr-xr-x. 2 root root 4096 Sep 23 2011 games
drwxr-xr-x. 32 root root 4096 Mar 19 10:48 lib
drwxr-xr-x. 2 root root 4096 Sep 23 2011 local
drwxrwxr-x. 5 root lock 4096 Mar 26 03:43 lock
drwxr-xr-x. 11 root root 4096 Mar 25 03:37 log
lrwxrwxrwx. 1 root root 10 Mar 16 13:00 mail -> spool/mail
drwxr-xr-x. 2 root root 4096 Sep 23 2011 nis
drwxr-xr-x. 2 root root 4096 Sep 23 2011 opt
drwxr-xr-x. 2 root root 4096 Sep 23 2011 preserve
drwx------. 8 rcynic rcynic 4096 Mar 26 09:35 rcynic
drwxr-xr-x. 22 root root 4096 Mar 26 12:50 run
drwxr-xr-x. 12 root root 4096 Mar 16 13:38 spool
drwxrwxrwt. 2 root root 4096 Mar 22 16:33 tmp
drwxr-xr-x. 6 root root 4096 Mar 16 15:20 www
drwxr-xr-x. 3 root root 4096 Mar 16 13:37 yp
[root@mycentos var]#
Thanks for your help,
Manh
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of [email protected]
Sent: Monday, March 26, 2012 11:54 AM
To: rsyslog-users
Subject: Re: [rsyslog] Running rsyslog with chroot jail
what are the permissions on the file /var/rcynic?
If rsyslog doesn't have permissions to create the socket there, it's not
going to be able to work, but I don't see how giving root the permission
to create that socket defeats the purpose of the chroot.
David Lang
On Mon, 26 Mar
2012, Manh Do wrote:
Date: Mon, 26 Mar 2012 09:55:48 -0700
From: Manh Do <[email protected]>
Reply-To: rsyslog-users <[email protected]>
To: "[email protected]" <[email protected]>
Subject: [rsyslog] Running rsyslog with chroot jail
Hello All,
I've tried to run the rsyslog with a chroot jail 'rcynic' so I've added the
following statement to the /etc/rsyslog.conf file:
$AddUnixListenSocket /var/rcynic/dev/log
However, the log file has the following error message:
Mar 22 14:52:53 mycentos abrtd: Init complete, entering main loop
Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice Listening on
TCP port 5672
Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice SSL plugin not
enabled, you must set --ssl-cert-db to enable it.
Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice Broker running
Mar 22 15:03:55 mycentos kernel: Kernel logging (proc) stopped.
Mar 22 15:03:55 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2"
x-pid="1166" x-info="http://www.rsyslog.com";] exiting on signal 15.
Mar 22 15:03:55 mycentos rsyslogd: connot create '/var/rcynic/dev/log':
Permission denied
Mar 22 15:03:55 mycentos kernel: imklog 4.6.2, log source = /proc/kmsg started.
Mar 22 15:03:55 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2"
x-pid="2291" x-info="http://www.rsyslog.com";] (re)start
Note the typo error 'connot'. If I change the file permissions then it defeats
the purpose of the chroot mechanism. Do you have any suggestions on how to
correctly setup the rsyslog for a chroot jail?
Thanks,
Manh
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
