Hello everybody,
first of all, thank you very much for shipping CentOS 7 packages which
closely match those of 'vendor', I mean mainly packaged
{i,o}mjournal.so, patched systemd service - and with version 8.16.0!
Secondly, I'm trying to setup rsyslogd to run from start till end
unprivileged, including further modification of systemd service and
mainly permissions and ownership of files/directories.
The trouble - on package update rpm resets ownership of /var/lib/rsyslog
directory back to root:root. If it wouldn't be too much trouble, I would
love if these were preserved. I think modification of .spec file in
manner like this might do it (my knowledge or rpm .spec is limited):
...
%dir %attr(-,-,-,-) %{rsyslog_statedir}
...
Or, if not, I think global(workDirectory="/var/lib/syslog") or some
other dislocation will workaround it.
If anybody would be interested, here is my current setup:
# groupadd -r -g 514 rsyslog
# useradd -M -d /var/lib/rsyslog -r -G systemd-journal -g rsyslog -s
/sbin/nologin -u 514 rsyslog
# chown rsyslog: /var/log/{cron,maillog,messages,secure}
# chown -R rsyslog: /var/lib/rsyslog
# cat > /etc/systemd/system/rsyslog.service <<EOF
[Unit]
Description=System Logging Service
;Requires=syslog.socket
Documentation=man:rsyslogd(8)
Documentation=http://www.rsyslog.com/doc/
[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/rsyslog
ExecStart=/usr/sbin/rsyslogd -n -i /var/run/rsyslog/rsyslogd.pid
$SYSLOGD_OPTIONS
StandardOutput=null
Restart=on-failure
User=rsyslog
Group=rsyslog
UMask=0066
[Install]
WantedBy=multi-user.target
;Alias=syslog.service
EOF
# systemctl daemon-reload
# cat > /etc/tmpfiles.d/rsyslogd.conf <<EOF
D /var/run/rsyslog 0755 rsyslog rsyslog -
EOF
# mkdir /var/run/rsyslog
# systemd-tmpfiles --create --prefix=/var/run/rsyslog
...and when you're done with /etc/rsyslog.conf...
# systemctl restart rsyslog.service
# systemctl enable rsyslog.service
Thanks a lot anyway!
Martin
signature.asc
Description: This is a digitally signed message part
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
