On Mon, 10 Jul 2017, deoren wrote:
On 7/10/17 5:13 PM, David Lang wrote:
On Mon, 10 Jul 2017, deoren wrote:
I checked Debian 9 and that release appears to be handling the rsyslog
configuration the same way as CentOS 7: run as root, do not attempt to
drop privileges. Ubuntu's rsyslog package on the other hand does make the
attempt, as does the package provided by the Ubuntu PPA.
Provided that the local sysadmin doesn't rely on dynamic file creation and
instead pre-creates any needed log files, an override for the
/usr/lib/tmpfiles.d/var.conf does not appear to be necessary.
If there is something new that's needed to let rsyslog create files as
needed, that's a significant regression and should be fixed upstream in
whatever is requiring it.
Especially with dynafiles, it's not possible to create all the log files
ahead of time.
David Lang
Hi David,
My comment wasn't as clear as it should have been. The
/usr/lib/tmpfiles.d/var.conf file targets specific directories and one of
those is /var/log. By default /var/log is set to 0755, so if rsyslog is to
generate files dynamically at the root of /var/log, then the override is
needed. Otherwise, if you specify that files are to be dynamically created
within a subdirectory that rsyslog has access to ('/var/log/rsyslog_clients'
for example) then dynamic files are created properly.
Dynamic filename generation within a subdirectory is working fine for me now
with rsyslog 8.27.0 from the PPA. It's the dynamic creation within /var/log
that is not working when using the PPA.
Please file a bug within Ubuntu, rsyslog (or any other program) should not need
special configs to create files in directories they have permissions to, and if
they configure rsyslog to not have permission to create files in /var/log, they
have done something very stupid.
How have they managed to do this? have they changed the AppArmor configs to no
longer allow rsyslog to create files in /var/log? If they did, they should
revert to the prior permissions.
My Ubuntu desktop doesn't even have a /usr/lib/tempfiles.d directory.
David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.