[Bug 1265812] Re: Apparmor profile prevents rsyslog from chown'ing log files
Simon Déziel
1265812 at bugs.launchpad.net
Tue Mar 25 17:26:15 UTC 2014
John, I'm attaching the full syslog as it's only 400 lines long. Let me
know if you need anything else.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1265812
Title:
Apparmor profile prevents rsyslog from chown'ing log files
Status in “rsyslog” package in Ubuntu:
Fix Released
Bug description:
When enabling the Apparmor profile of rsyslog before the first boot
(i.e.: post debootstrap) rsyslog is able to create the destination log
files like /var/log/syslog but cannot chown them. Since rsyslog drops
privileges after creating files, it can no longer write to them so the
admin is left with no log.
Here is how to reproduce:
1) stop rsyslog
2) rm -f /etc/apparmor.d/disable/usr.sbin.rsyslogd
3) service apparmor reload
4) rm -f /var/log/syslog
5) start rsyslog
6) ls -l /var/log/syslog
Step 6 show those incorrect ownership and permissions:
# ls -l /var/log/syslog
-rw-r--r-- 1 root root 0 Jan 3 09:19 /var/log/syslog
But should show this instead:
# ls -l /var/log/syslog
-rw-r----- 1 syslog adm 622 Jan 3 09:23 /var/log/syslog
I think the proper solution would be to add the chown capability to rsyslog's Apparmor profile.
More info about the system:
# lsb_release -rd
Description: Ubuntu 12.04.3 LTS
Release: 12.04
# apt-cache policy rsyslog
rsyslog:
Installed: 5.8.6-1ubuntu8.6
Candidate: 5.8.6-1ubuntu8.6
Version table:
*** 5.8.6-1ubuntu8.6 0
500 http://archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
100 /var/lib/dpkg/status
5.8.6-1ubuntu8 0
500 http://archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1265812/+subscriptions
More information about the foundations-bugs
mailing list