The klog component of rsyslog has two modes, one reads from the kernel
interface (klogctl) and one reads from /proc/kmsg (which secretly uses
klogctl). klogctl will only let privileged processes read from it
(well, anything that has CAP_SYS_ADMIN).
Ubuntu runs rsyslog unprivileged, but gets around this requirement by
running a privileged dd instance that shovels /proc/kmsg to a location
that rsyslog can read. Not pretty, but dd is relatively safe and
certainly more narrow than running rsyslog with CAP_SYS_ADMIN. As a
result, however, the klogctl mode doesn't really work.
The error message you are getting in your strace log is only used in
klogctl mode. That mode is triggered by either the config field
klogusesyscallinterface (case doesn't matter) or if the pipe
/var/run/rsyslog/kmsg doesn't exist when rsyslog runs (it's created by
the init script right before staring the daemon).
So... Is that config field set? Do you have any idea why
/var/run/rsyslog/kmsg would not exist?
I suspect we should not respect that config field as long as we use the
/proc/kmsg shoveling method.
** Changed in: rsyslog (Ubuntu)
Status: Confirmed => Incomplete
--
rsyslog hangs during upgrade
https://bugs.launchpad.net/bugs/401433
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
