Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 2 Apr 2010 11:53:38 GMT
From:      Sergey <ikonta@yandex.ru>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/145289: syslog-ng.conf.sample doesn't cover default system logging configuration
Message-ID:  <201004021153.o32BrcIi038004@www.freebsd.org>
Resent-Message-ID: <201004021200.o32C0K81007322@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         145289
>Category:       ports
>Synopsis:       syslog-ng.conf.sample doesn't cover default system logging configuration
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Apr 02 12:00:20 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Sergey
>Release:        7.3-RELEASE
>Organization:
IRC
>Environment:
FreeBSD mx4.caotus.ru 7.3-RELEASE FreeBSD 7.3-RELEASE #6: Thu Mar 25 16:36:59 MSK 2010     root@mx4.caotus.ru:/usr/obj/usr/src/sys/MY_KERN  i386

>Description:
syslog-ng.conf.sample entirely matches the /etc/syslog.conf

But, instead of syslogd, it operates with logfile owner/group/mode(permissions).
Which are ignored by syslogd (and setted in /etc/newsyslog.conf).
>How-To-Repeat:
Install sysutils/syslog-ng and switch system logging from syslogd to syslog-ng (using /usr/local/etc/syslog-ng/syslog-ng.conf copied from sample):
1. Put "syslog_ng_enable="YES"" to /etc/rc.conf
2. Execute /etc/rc.d/syslogd stop && /usr/local/etc/rc.d/syslog-ng start
3. Put "syslogd_enable="NO"" to /etc/rc.conf

Force some system event writing [for example] to /var/log/maillog or /var/log/messages

See the permissions of these file (you'll see not default, setted in /etc/newsyslog.conf, but default for syslog-ng root:wheel 0600).
>Fix:
Change declaration of log files in syslog-ng.conf[.sample]:

From:
destination messages { file("/var/log/messages"); };
to:
destination messages { file("/var/log/messages" perm(0644)); };

From:
destination maillog { file("/var/log/maillog"); };
to:
destination maillog { file("/var/log/maillog" perm(0644)); };

From:
destination ppp { file("/var/log/ppp.log"); };
to:
destination ppp { file("/var/log/ppp.log" owner("root") group("network") perm(0640)); };


And the rest from /etc/newsyslog.conf with permissions differ from root:wheel 0600 in the same way.

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004021153.o32BrcIi038004>