Hello Dave,

I've followed your suggestions by adding root to the rcynic group and changing the /var/rcynic permissions to 720 but then now I'm getting the error 'Address already in use':

Mar 27 09:49:13 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="11097" x-info="http://www.rsyslog.com"] exiting on signal 15.
Mar 27 09:49:13 mycentos rsyslogd: connot create '/var/rcynic/dev/log': Address already in use
Mar 27 09:49:13 mycentos kernel: imklog 4.6.2, log source = /proc/kmsg started.
Mar 27 09:49:13 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="11665" x-info="http://www.rsyslog.com"] (re)start
Mar 27 10:08:06 mycentos dhclient[1096]: DHCPREQUEST on eth0 to 10.255.255.254 port 67 (xid=0xf73ae13)
Mar 27 10:08:06 mycentos dhclient[1096]: DHCPACK from 10.255.255.254 (xid=0xf73ae13)
Mar 27 10:08:06 mycentos dhclient[1096]: bound to 10.255.255.45 -- renewal in 6353 seconds.

I did have the following two lines in the file /etc/rsyslog.conf:

$ModLoad imuxsock.so
$AddUnixListenSocket /var/rcynic/dev/log

Thanks for your help,
Manh

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of [email protected]
Sent: Monday, March 26, 2012 11:02 PM
To: rsyslog-users
Subject: Re: [rsyslog] Running rsyslog with chroot jail

sorry, I managed to miss that.

since dev is owned by root, why can't rsyslog create the socket in it?

try putting root in the rcynic group and changing the /var/rcynic permissions from 700 to 720 (to allow root to cd to /var/rcynic)

David Lang

On Mon, 26 Mar 2012, Manh Do wrote:

> Date: Mon, 26 Mar 2012 13:28:19 -0700
> From: Manh Do <[email protected]>
> Reply-To: rsyslog-users <[email protected]>
> To: rsyslog-users <[email protected]>
> Subject: Re: [rsyslog] Running rsyslog with chroot jail
>
> Hello Dave,
>
> I do have the directory /var/rcynic/dev and here are its permissions:
>
> [root@mycentos rcynic]# pwd
> /var/rcynic
> [root@mycentos rcynic]# ls -al
> total 44
> drwx------.  8 rcynic rcynic 4096 Mar 26 09:35 .
> drwxr-xr-x. 22 root   root   4096 Mar 26 09:34 ..
> -rw-r--r--.  1 rcynic rcynic   18 Dec  2 06:27 .bash_logout
> -rw-r--r--.  1 rcynic rcynic  176 Dec  2 06:27 .bash_profile
> -rw-r--r--.  1 rcynic rcynic  124 Dec  2 06:27 .bashrc
> dr-xr-xr-x.  2 root   root   4096 Mar 26 09:35 bin
> drwxr-xr-x.  5 rcynic rcynic 4096 Mar 26 13:06 data
> drwxr-xr-x.  2 root   root   4096 Mar 26 09:35 dev
> dr-xr-xr-x.  3 root   root   4096 Mar 26 09:35 etc
> dr-xr-xr-x.  2 root   root   4096 Mar 26 09:35 lib64
> drwxr-xr-x.  3 root   root   4096 Mar 26 09:35 usr
> [root@mycentos rcynic]#
>
> Thanks,
> Manh
>
> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of [email protected]
> Sent: Monday, March 26, 2012 1:17 PM
> To: rsyslog-users
> Subject: Re: [rsyslog] Running rsyslog with chroot jail
>
> In your case the problem is that you don't have the directory
> /var/rcynic/dev
>
> rsyslog will create the file, but not the directory.
>
> David Lang
>
> On Mon, 26 Mar 2012, Manh Do wrote:
>
>> Hello David,
>>
>> Thanks for the quick reply. Here are the permissions that I've set for the
>> file /var/rcynic
>>
>> [root@mycentos var]# pwd
>> /var
>> [root@mycentos var]# ls -al
>> total 88
>> drwxr-xr-x. 22 root   root   4096 Mar 26 09:34 .
>> dr-xr-xr-x. 25 root   root   4096 Mar 23 14:19 ..
>> drwxr-xr-x.  2 root   root   4096 Mar 16 13:40 account
>> drwxr-xr-x. 12 root   root   4096 Mar 16 15:20 cache
>> drwxr-xr-x.  2 root   root   4096 Dec  7 17:17 crash
>> drwxr-xr-x.  2 root   root   4096 Feb 22 03:52 cvs
>> drwxr-xr-x.  3 root   root   4096 Mar 16 13:40 db
>> drwxr-xr-x.  3 root   root   4096 Mar 16 13:40 empty
>> drwxr-xr-x.  2 root   root   4096 Sep 23  2011 games
>> drwxr-xr-x. 32 root   root   4096 Mar 19 10:48 lib
>> drwxr-xr-x.  2 root   root   4096 Sep 23  2011 local
>> drwxrwxr-x.  5 root   lock   4096 Mar 26 03:43 lock
>> drwxr-xr-x. 11 root   root   4096 Mar 25 03:37 log
>> lrwxrwxrwx.  1 root   root     10 Mar 16 13:00 mail -> spool/mail
>> drwxr-xr-x.  2 root   root   4096 Sep 23  2011 nis
>> drwxr-xr-x.  2 root   root   4096 Sep 23  2011 opt
>> drwxr-xr-x.  2 root   root   4096 Sep 23  2011 preserve
>> drwx------.  8 rcynic rcynic 4096 Mar 26 09:35 rcynic
>> drwxr-xr-x. 22 root   root   4096 Mar 26 12:50 run
>> drwxr-xr-x. 12 root   root   4096 Mar 16 13:38 spool
>> drwxrwxrwt.  2 root   root   4096 Mar 22 16:33 tmp
>> drwxr-xr-x.  6 root   root   4096 Mar 16 15:20 www
>> drwxr-xr-x.  3 root   root   4096 Mar 16 13:37 yp
>> [root@mycentos var]#
>>
>> Thanks for your help,
>> Manh
>>
>> -----Original Message-----
>> From: [email protected] [mailto:[email protected]] On Behalf Of [email protected]
>> Sent: Monday, March 26, 2012 11:54 AM
>> To: rsyslog-users
>> Subject: Re: [rsyslog] Running rsyslog with chroot jail
>>
>> what are the permissions on the file /var/rcynic?
>>
>> If rsyslog doesn't have permissions to create the socket there, it's not
>> going to be able to work, but I don't see how giving root the permission
>> to create that socket defeats the purpose of the chroot.
>>
>> David Lang
>>
>> On Mon, 26 Mar 2012, Manh Do wrote:
>>
>>> Date: Mon, 26 Mar 2012 09:55:48 -0700
>>> From: Manh Do <[email protected]>
>>> Reply-To: rsyslog-users <[email protected]>
>>> To: "[email protected]" <[email protected]>
>>> Subject: [rsyslog] Running rsyslog with chroot jail
>>>
>>> Hello All,
>>>
>>> I've tried to run the rsyslog with a chroot jail 'rcynic' so I've added the
>>> following statement to the /etc/rsyslog.conf file:
>>>
>>> $AddUnixListenSocket /var/rcynic/dev/log
>>>
>>> However, the log file has the following error message:
>>>
>>> Mar 22 14:52:53 mycentos abrtd: Init complete, entering main loop
>>> Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice Listening on TCP port 5672
>>> Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice SSL plugin not enabled, you must set --ssl-cert-db to enable it.
>>> Mar 22 14:52:53 mycentos qpidd[1695]: 2012-03-22 14:52:53 notice Broker running
>>> Mar 22 15:03:55 mycentos kernel: Kernel logging (proc) stopped.
>>> Mar 22 15:03:55 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="1166" x-info="http://www.rsyslog.com"] exiting on signal 15.
>>> Mar 22 15:03:55 mycentos rsyslogd: connot create '/var/rcynic/dev/log': Permission denied
>>> Mar 22 15:03:55 mycentos kernel: imklog 4.6.2, log source = /proc/kmsg started.
>>> Mar 22 15:03:55 mycentos rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="2291" x-info="http://www.rsyslog.com"] (re)start
>>>
>>> Note the typo error 'connot'. If I change the file permissions then it
>>> defeats the purpose of the chroot mechanism. Do you have any suggestions on
>>> how to correctly setup the rsyslog for a chroot jail?
>>>
>>> Thanks,
>>> Manh

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
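
On the 'Address already in use' error in the most recent message of this thread: bind() on a Unix socket path returns EADDRINUSE whenever the path already exists, whether another process is still listening on it or the socket file is a stale leftover. The following is an added example, not part of the original thread and not rsyslog code; it builds a constructed jail/dev/log layout in a temporary directory (the function names are hypothetical) and shows how to tell the cases apart.

```python
import errno, os, socket, stat, tempfile

def socket_state(path):
    """Classify a Unix socket path as missing, not-a-socket, live or stale."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return "missing"
    if not stat.S_ISSOCK(st.st_mode):
        return "not-a-socket"
    for kind in (socket.SOCK_DGRAM, socket.SOCK_STREAM):
        with socket.socket(socket.AF_UNIX, kind) as probe:
            try:
                probe.connect(path)          # no data is sent
                return "live"                # some process has it bound
            except OSError as exc:
                if exc.errno == errno.EPROTOTYPE:
                    continue                 # other socket type, retry
                if exc.errno == errno.ECONNREFUSED:
                    return "stale"           # file exists, nobody bound
                raise
    return "unknown"

def bind_errno(path):
    """Attempt the bind() a log daemon would do; return errno name or None."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as s:
        try:
            s.bind(path)
        except OSError as exc:
            return errno.errorcode[exc.errno]
        os.unlink(path)                      # remove our own test socket
        return None

def demo():
    """Constructed layout in a temp dir; never touches a real /dev/log."""
    jail = tempfile.mkdtemp()
    os.mkdir(os.path.join(jail, "dev"))
    log = os.path.join(jail, "dev", "log")
    results = [socket_state(log)]            # nothing there yet
    owner = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    owner.bind(log)                          # first listener creates the file
    results += [socket_state(log), bind_errno(log)]
    owner.close()                            # listener gone, file remains
    results += [socket_state(log), bind_errno(log)]
    os.unlink(log)                           # stale file removed
    results.append(bind_errno(log))
    return results

if __name__ == "__main__":
    print(demo())
```

A "live" result means a second listener is configured or still running on the same path; a "stale" result means the leftover socket file has to be removed before a new bind can succeed.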

