sysklogd init-script arguments [patch inside]

Bug #103232 reported by smaug
270
Affects Status Importance Assigned to Milestone
sysklogd (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

Binary package hint: sysklogd

there is a bug in the init-script for sysklogd. any arguments passed via the variable SYSLOGD at the beginning of the script are not recognized. I tried to start syslog with logging:

SYSLOGD="-r -u syslog"

and then restarted syslog. A ps -aux gave me this result:

root@fmeisterwks:/etc/init.d# ps aux |grep sysl
root 11416 0.0 0.0 1652 616 ? Ss 10:28 0:00 /sbin/syslogd
root 11461 0.0 0.0 2796 756 pts/7 S+ 10:29 0:00 grep sysl

_no_ arguments. So I searched for the problem. I think it's some variable problem. If I rename every occurence of SYSLOGD into MYSYSLOGD in the init-script everything works fine.

Related branches

Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :

Where is it documented that you can pass the variable into the script?

If you want to change the arguments, EDIT the script and change the SYSLOGD variable definition near the top

Changed in sysklogd:
status: Unconfirmed → Rejected
Revision history for this message
smaug (florian-meister) wrote :

that is what I've done. I've changed the variable in the script.

Revision history for this message
smaug (florian-meister) wrote :

let me try to explain it again:

--snip--
fmeister@fmeisterlap:~$ ps aux |grep sysl
root 4523 0.0 0.1 1700 644 ? Ss 19:28 0:00 /sbin/syslogd
fmeister 29528 0.0 0.1 2884 748 pts/1 R+ 21:06 0:00 grep sysl
--snap--

syslog is running as _root_ but in /etc/init.d/sysklogd is:

--snip--
# Options for start/restart the daemons
# For remote UDP logging use SYSLOGD="-r"
#
SYSLOGD="-u syslog"
--snap--

so it _should_ run as user syslog ...

i tried to add some parameters - _no_ parameters are recognized in this variable "SYSLOGD" in the init-script. if I rename every occurrence of the variable "SYSLOGD" into somewhat other, it works.

Revision history for this message
blubdog (blubdog) wrote :

I can confirm this bug. I found that if you move the SYSLOGD line containing the parameters down below the ". /lib/lsb/init-functions" line, then it works. So something in init-functions is nuking the SYSLOGD variable.

Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :

Do you have either an /etc/default/syslogd or /etc/ltsp/syslogd file, which can override the value of that variable (as documented in the script)?

Revision history for this message
smaug (florian-meister) wrote :

thank you for your reply,

yes I have such a file:

--snip--
#
# For remote UDP logging use SYSLOGD="-r"
#
SYSLOGD=""
--snap--

so it's correct that the default file is overwriting the the arguments in the init.d-script ? isn't it better to place the default-definition over the SYSLOGD variable in the init-script itself ?

Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :

Paradoxically, the /etc/default files are intended for you to modify to *change* the defaults -- so you don't need to edit the init script, and thus risk difficult merges if the init script changes.

Revision history for this message
smaug (florian-meister) wrote :

so if I understand you right variables in init-scripts should not be changed. Changes should be made in the "default" files.

Sorry for the misunderstanding and thank you for the explanation.

Revision history for this message
blubdog (blubdog) wrote :

I still believe there is a bug, although it has changed slightly. I'm running a very new, fresh install of feisty.

The default /etc/init.d/sysklogd has the line:

  SYSLOGD="-u syslog"

The default /etc/init.d/syslogd has the line:

  SYSLOGD=""

which overrides/nukes the init.d parameters.

This means that syslogd is running as root, instead of running as the lower privileged user of "syslog". I confirmed this with "ps -ef".

A fix would be to copy/move the "SYSLOGD=" line from init.d into /etc/default/syslogd. Or to remove /etc/default/syslogd entirely in the default install.

Revision history for this message
smaug (florian-meister) wrote :

:) oh - that was what confused me in the first post ... running syslogd as root may be a potential security issue, is it ?

Revision history for this message
Graeme Hewson (ghewson) wrote : [PATCH] Re: sysklogd init-script arguments

I too found the problem described by the original poster, setting SYSLOGD="-r -u syslog" in /etc/init.d/sysklogd and finding my setting was wiped out. This was in Feisty; I did the same thing in Dapper and it worked fine.

I believe the comment in /etc/init.d/sysklogd is misleading for several reasons. It says:

# Options for start/restart the daemons
# For remote UDP logging use SYSLOGD="-r"
#
SYSLOGD="-u syslog"

test ! -r /etc/default/syslogd || . /etc/default/syslogd

It implies that you need to set $SYSLOGD here to set the required options, but it doesn't mention the code that pulls the options from /etc/default/syslogd. It also seems to say that if you want remote logging, you need to replace "-u syslog" with "-r", rather than appending "-r".

I attach patches for /etc/init.d/sysklog and /etc/default/syslogd which I hope will make things clearer to users.

Revision history for this message
Graeme Hewson (ghewson) wrote : Re: sysklogd init-script arguments

Oops, I left a debugging statement in one of the patches. Revised patchset attached.

Graeme Hewson (ghewson)
Changed in sysklogd:
status: Rejected → Unconfirmed
Revision history for this message
otzenpunk (reisswolf-nospam) wrote :

smaug said:
>>oh - that was what confused me in the first post ... running syslogd as root may be a potential security issue, is it ?<<

I think it is. I'll flag this as a security bug.

Changed in sysklogd:
status: Unconfirmed → Confirmed
Revision history for this message
Graeme Hewson (ghewson) wrote :

Sorry, I need to upload yet another version of the patchset... third time lucky. I wasn't allowing for the possibility that /etc/default/syslogd exists, yet doesn't set $SYSLOGD. This is mentioned in the Debian policy manual at http://www.debian.org/doc/debian-policy/ch-opersys.html, section 9.3.2

Revision history for this message
Graeme Hewson (ghewson) wrote :

I have found further problems with syslogd, which I've reported in bug #120085.

Revision history for this message
Mathias Gug (mathiaz) wrote :

Thanks for your patch.

However, I would just update the comment to state that the default configuration should be set in /etc/default/syslogd.

I wouldn't set the default SYSLOGD in the init script to use the -u switch as this configuration needs more work to make it works correctly (as you reported in bug #120085).

Changed in sysklogd:
importance: Undecided → Low
Revision history for this message
Mathias Gug (mathiaz) wrote :

sysklogd (1.4.1-21ubuntu3) gutsy; urgency=low

  * debian/rc:
    * Fix syslogd to run as syslog user. Fix LP: #120085.
    * Add comment that points to /etc/default/syslogd to set default options.
      Fix LP: #103232.
  * debian/cron.daily, debian/cron.weekly:
    * Rotate logs with the correct ownership.

 -- Mathias Gug <email address hidden> Fri, 07 Sep 2007 18:57:55 -0400

Changed in sysklogd:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.