Ubuntu
syslog-ng package

Installation of syslog-ng results in Permission denied (13) errors

Bug #701671 reported by John Kounis
76
This bug affects 15 people
Affects Status Importance Assigned to Milestone
syslog-ng (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Binary package hint: syslog-ng

System: Ubuntu 10.10 Maverick
Package syslog-ng Version: 3.1.2-1

After installing syslog-ng (sudo apt-get install syslog-ng), the file /var/log/error filled up with the following errors:

Jan 11 10:49:33 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/syslog', error='Permission denied (13)'
Jan 11 10:49:33 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/messages', error='Permission denied (13)'
Jan 11 10:49:44 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/auth.log', error='Permission denied (13)'
Jan 11 10:49:44 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/auth.log', error='Permission denied (13)'
Jan 11 10:49:44 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/syslog', error='Permission denied (13)'
Jan 11 10:49:44 pgfs syslog-ng[3363]: Error opening file for writing; filename='/var/log/syslog', error='Permission denied (13)'

The reason is that syslogd ran as user: syslog group: adm, but syslog-ng runs as user: root group:adm.

There are two solutions I can suggest:

(1) Change the option owner("root") to owner("syslog") in the file /etc/syslog-ng/syslog-ng.conf distributed as part of the package.

(2) Have the installation procedure execute "chown root.adm" for all logs listed as destinations in syslog-ng.conf.

There is one thing I'm confused about: Since syslog-ng runs as "root" instead of "sysadm," why is it getting "Permission denied" errors? I thought root shouldn't get those errors.

Revision history for this message
Kaltsi (kaltsi) wrote :

Please update syslog-ng packege in backport to version syslog-ng 3.1.3-3.

http://packages.qa.debian.org/s/syslog-ng/news/20110201T193207Z.html

The version syslog-ng 3.1.2-1 contains more bugs.

Thx

Revision history for this message
Adam Nelson (adam-varud) wrote :

This is a huge problem - it effectively makes syslog-ng unfit for use.

Revision history for this message
Adam Nelson (adam-varud) wrote :

I've tried setting option #1, which does not work. This was my quickfix from /var/log:

sudo chown --from=syslog root *

Revision history for this message
Gordon Reyburn (greyburn) wrote :

I got this working by doing the following:

1) As the OP said, "Change the option owner("root") to owner("syslog") in the file /etc/syslog-ng/syslog-ng.conf distributed as part of the package.". Not sure this actually does anything, certainly doesn't start the process as "syslog" but it may be used for writing files.

2) Change the SYSLOGNG_OPTS="" in /etc/init.d/syslog-ng to read : SYSLOGNG_OPTS="-u syslog -g adm"

3) Change the pid location specified in /etc/init.d/syslog-ng FROM /var/run/syslog-ng.pid TO /var/run/syslog-ng/syslog-ng.pid

4) /var/run/syslog-ng/ was already created by the syslog-ng package, which is a little odd given the default config doesn't use it. You will need to fix the permissions of this dir so the syslog user can write to it. 'chown syslog:adm /var/run/syslog-ng'

5) make sure all log files referenced by your syslog-ng config (/etc/syslog-ng/syslog-ng.conf) are owned by syslog:adm. Do not chown the whole directory or you will have problems.

5) restart syslog-ng

6) sleep better knowing syslog is no longer running as root :)

Launchpad Janitor (janitor)
Changed in syslog-ng (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.