Bug#1049424: ntpsec: Missing /var/log/ntpsec is logged as an error

2023-08-16 Thread Richard Laager 

On 2023-08-15 10:35, Santiago Vila wrote:
Either a missing /var/log/ntpsec directory is considered a "supported 
configuration" or it's not.


I agree with you on the general point.

I'll process this bug in more detail when time allows, in the relatively 
near future. I currently expect the answer will be to accept the patch 
as written.


Thanks for the bug report and patch.

--
Richard



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1049424: ntpsec: Missing /var/log/ntpsec is logged as an error

2023-08-15 Thread Santiago Vila 

Package: ntpsec
Version: 1.2.0+dfsg1-4
Tags: patch

Dear maintainer:

On a freshly installed Debian system (at least from Debian 11),
installing ntpsec creates by default log entries like this one:

ntpd[325]: statistics directory /var/log/ntpsec/ does not exist or is 
unwriteable, error No such file or directory

Note that this is considered an error and it's shown in red by journalctl.
In fact, this is from line 810 in ntpd/ntpd.c:

msyslog(LOG_ERR, "statistics directory %s does not exist or is unwriteable, error 
%s", statsdir, strerror(errno));

The configuration file, however, says this:

# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.

So the configuration file suggests that you only need to create the directory
to enable logging, but it's otherwise ok for the directory to be missing.

This seems a little bit contradictory to me, and I'll explain:

Either a missing /var/log/ntpsec directory is considered a "supported 
configuration" or it's not.

If it's a supported configuration, then this seems a bug in the program and the 
message should be logged with a priority different than LOG_ERR, like 
LOG_WARNING or LOG_NOTICE. In a general sense, supported configurations should 
not issue error messages. The attached patch just changes LOG_ERR to 
LOG_WARNING. I've tested it and now it shows the message in yellow.

On the other hand, if it's not a supported configuration, then this seems a 
packaging bug and it would be desirable to create /var/log/ntpsec with 
appropriate permissions in the  postinst in an unconditional way (not 
conditionally as it's currently done).

[ Note: I really don't know if a missing /var/log/ntpsec is intended to be a 
supported configuration or not, you might want to contact upstream for that ].

Thanks.--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -875,7 +875,7 @@ main(
 #endif
 
if (access(statsdir, W_OK) != 0) {
-   msyslog(LOG_ERR, "statistics directory %s does not exist or is 
unwriteable, error %s", statsdir, strerror(errno));
+   msyslog(LOG_WARNING, "statistics directory %s does not exist or is 
unwriteable, error %s", statsdir, strerror(errno));
}
 
mainloop();