Date: Fri, 2 Apr 2010 11:53:38 GMT From: Sergey <ikonta@yandex.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/145289: syslog-ng.conf.sample doesn't cover default system logging configuration Message-ID: <201004021153.o32BrcIi038004@www.freebsd.org> Resent-Message-ID: <201004021200.o32C0K81007322@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 145289 >Category: ports >Synopsis: syslog-ng.conf.sample doesn't cover default system logging configuration >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Apr 02 12:00:20 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Sergey >Release: 7.3-RELEASE >Organization: IRC >Environment: FreeBSD mx4.caotus.ru 7.3-RELEASE FreeBSD 7.3-RELEASE #6: Thu Mar 25 16:36:59 MSK 2010 root@mx4.caotus.ru:/usr/obj/usr/src/sys/MY_KERN i386 >Description: syslog-ng.conf.sample entirely matches the /etc/syslog.conf But, instead of syslogd, it operates with logfile owner/group/mode(permissions). Which are ignored by syslogd (and setted in /etc/newsyslog.conf). >How-To-Repeat: Install sysutils/syslog-ng and switch system logging from syslogd to syslog-ng (using /usr/local/etc/syslog-ng/syslog-ng.conf copied from sample): 1. Put "syslog_ng_enable="YES"" to /etc/rc.conf 2. Execute /etc/rc.d/syslogd stop && /usr/local/etc/rc.d/syslog-ng start 3. Put "syslogd_enable="NO"" to /etc/rc.conf Force some system event writing [for example] to /var/log/maillog or /var/log/messages See the permissions of these file (you'll see not default, setted in /etc/newsyslog.conf, but default for syslog-ng root:wheel 0600). >Fix: Change declaration of log files in syslog-ng.conf[.sample]: From: destination messages { file("/var/log/messages"); }; to: destination messages { file("/var/log/messages" perm(0644)); }; From: destination maillog { file("/var/log/maillog"); }; to: destination maillog { file("/var/log/maillog" perm(0644)); }; From: destination ppp { file("/var/log/ppp.log"); }; to: destination ppp { file("/var/log/ppp.log" owner("root") group("network") perm(0640)); }; And the rest from /etc/newsyslog.conf with permissions differ from root:wheel 0600 in the same way. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004021153.o32BrcIi038004>