2016-08-25 8:01 GMT+02:00 Robin Jonsson <[email protected]>: > Thanks for your reply! > > Have I understood it correctly that you suggest removing $FileCreateMode/ > $DirCreateMode? I am already using DirCreateMode and FileCreateMode in the > action clause.
This sounds like there is a problem applying the modes. With the old version, you only see this in a debug log. So the next step is to activate rsyslog debug logging and check for errors during file creation. HTH Rainer > > Regards, > Robin > > On 160825// 00:41 , "[email protected] on behalf of David > Lang" <[email protected] on behalf of [email protected]> wrote: > > when you use action(), it completely ignores the legacy stuff set with > $filecreatemode etc. everything needs to be specified in the action() > clause. > > David Lang > > On Wed, 24 Aug 2016, Robin Jonsson wrote: > > > Date: Wed, 24 Aug 2016 12:15:05 +0000 > > From: Robin Jonsson <[email protected]> > > Reply-To: rsyslog-users <[email protected]> > > To: "[email protected]" <[email protected]> > > Subject: [rsyslog] $DirCreateMode / $FileCreateMode is not enforced > > > > Hi, > > > > I’m currently setting up a syslog-server to be used for Network > equipment and servers based on rsyslogd (rsyslog-7.4.7-12.el7.x86_64) running > on Centos 7. The logging is working fine and everything goes into the > directories I’ve chosen, but the permissions for the servers seems to be a > bit strange and doesn’t follow the values specified in > $DirCreateMode/$FileCreateMode. For Network equipment this works perfectly!! > > > > Each directory for the servers are created with 0711, should be 0755. > Files are created with 0600, should be 0644. > > > > root@logstore]# cat /etc/rsyslog.conf > > $ModLoad imudp > > $UDPServerRun 514 > > $ModLoad imtcp > > $InputTCPServerRun 514 > > $WorkDirectory /var/lib/rsyslog > > $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat > > $IncludeConfig /etc/rsyslog.d/*.conf > > $OmitLocalLogging on > > $IMJournalStateFile imjournal.state > > $FileOwner root > > $FileGroup wheel > > $FileCreateMode 0644 > > $DirCreateMode 0755 > > > > template (name="remote_server" type="string" > string="/var/log/server/%fromhost%/%fromhost%.log") > > template (name="remote_network" type="string" > string="/var/log/network/%fromhost%/%fromhost%.log") > > > > # If received on Facility 22 then sort as server stuff.. > > if ( ($inputname == 'imudp' or $inputname == 'imtcp') and > $syslogfacility == 22 ) then { > > action (type="omfile" dynaFile="remote_server" DirCreateMode="0755" > FileCreateMode="0644" ) > > } > > > > # … else sort as network stuff > > else if ( $inputname == 'imudp' or $inputname == 'imtcp' ) then { > > action(type="omfile" dynaFile="remote_network" DirCreateMode="0755" > FileCreateMode="0644" ) > > stop > > } > > # Ignore this host… > > if $hostname == 'last' then stop > > > > *.info;mail.none;authpriv.none;cron.none > /var/log/messages > > authpriv.* /var/log/secure > > mail.* > -/var/log/maillog > > cron.* /var/log/cron > > *.emerg :omusrmsg:* > > uucp,news.crit /var/log/spooler > > local7.* > /var/log/boot.log > > > > Directories and files created by rsyslogd for servers (not working – > 711 for dir and 600 for files): > > ls -la /var/log/server > > (…) > > drwx--x--x. 2 root root 100 Aug 24 03:19 server-sfe03.domain.local > > (…) > > > > ls -la /var/log/server/server-sfe01.domain.local > > total 256 > > drwx--x--x. 2 root root 100 Aug 24 03:19 . > > drwxr-xr-x. 9 root root 4096 Aug 24 13:20 .. > > -rw-------. 1 root root 241821 Aug 24 13:20 > server-sfe01.domain.local.log > > -rw-------. 1 root root 7311 Aug 24 01:19 > server-sfe01.domain.local.log-20160824.gz > > > > Directories and files created by rsyslogd for networks (this works – > 755 for dir and 644 for files): > > ls -l /var/log/network > > (…) > > drwxr-xr-x. 2 root root 8192 Aug 24 03:18 network-asa01.domain.local > > (…) > > > > drwxr-xr-x. 2 root root 8192 Aug 24 03:18 network-asa01.domain.local > > ls –al /var/log/network/network-asa01.domain.local > > total 83756 > > drwxr-xr-x. 2 root root 8192 Aug 24 03:18 . > > drwxr-xr-x. 53 root root 4096 Aug 23 15:32 .. > > -rw-r--r--. 1 root root 9107124 Aug 24 13:33 > network-asa01.domain.local.log > > (…) > > > > Any help is much appreciated! Why is not DirCreateMode / FileCreateMode > enforced? I’ve checked umask and permissions on both /var/log/network and > /var/log/servers and they are the same. > > > > Thanks in advance! > > > > Regards, > > Robin Jonsson > > _______________________________________________ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.

