Incorrect ownership or permissions for spool/work directory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Rsyslog |
Fix Released
|
Unknown
|
|||
rsyslog (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Precise |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Impact:
/var/spool/rsyslog has wrong ownership/
Test Case:
ls -ld /var/spool/rsyslog -> should be owned by syslog:adm
Regression Potential:
Limited, the old permissions were wrong, it's still a change in behaviour though...
---
Hi,
By default, the spool/work directory is as follows:
drwxr-xr-x 2 root root 4096 Mar 8 2012 /var/spool/rsyslog
This is incorrect as rsyslog drops root privileges and changes to the syslog user. As tested, spool files are also written out as the syslog user:
root@juju-
total 16
drwxrwxrwx 2 syslog adm 4096 Nov 7 09:20 .
drwxr-xr-x 6 root root 4096 Nov 7 06:46 ..
-rw------- 1 syslog syslog 1603 Nov 7 09:20 srvrfwd.00000001
-rw------- 1 syslog syslog 482 Nov 7 09:20 srvrfwd.qi
The version of rsyslog used is as follows:
root@juju-
ii rsyslog 5.8.6-1ubuntu8 reliable system and kernel logging daemon
ii rsyslog-relp 5.8.6-1ubuntu8 RELP protocol support for rsyslog
Could we please have this fixed?
Thanks,
Haw
Related branches
- Dimitri John Ledkov: Approve
-
Diff: 27 lines (+9/-0)2 files modifieddebian/changelog (+6/-0)
debian/rsyslog.postinst (+3/-0)
- Sebastien Bacher: Approve
- Ubuntu branches: Pending requested
-
Diff: 45 lines (+17/-0)4 files modified.pc/.quilt_patches (+1/-0)
.pc/.quilt_series (+1/-0)
debian/changelog (+12/-0)
debian/rsyslog.postinst (+3/-0)
- Martin Pitt: Approve
-
Diff: 27 lines (+9/-0)2 files modifieddebian/changelog (+6/-0)
debian/rsyslog.postinst (+3/-0)
tags: | added: canonical-webops-juju |
Changed in rsyslog (Ubuntu): | |
importance: | Undecided → Medium |
Changed in rsyslog: | |
status: | Unknown → Fix Released |
Changed in rsyslog: | |
status: | Fix Released → New |
Changed in rsyslog: | |
status: | New → Fix Released |
Changed in rsyslog (Ubuntu Precise): | |
importance: | Undecided → Medium |
status: | New → In Progress |
description: | updated |
Thanks for this! Can you please forward the fix to Debian as well?