ports/145289: syslog-ng.conf.sample doesn't cover default system logging configuration
Sergey
ikonta at yandex.ru
Fri Apr 2 12:00:20 UTC 2010
>Number: 145289
>Category: ports
>Synopsis: syslog-ng.conf.sample doesn't cover default system logging configuration
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Apr 02 12:00:20 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Sergey
>Release: 7.3-RELEASE
>Organization:
IRC
>Environment:
FreeBSD mx4.caotus.ru 7.3-RELEASE FreeBSD 7.3-RELEASE #6: Thu Mar 25 16:36:59 MSK 2010 root at mx4.caotus.ru:/usr/obj/usr/src/sys/MY_KERN i386
>Description:
syslog-ng.conf.sample entirely matches the /etc/syslog.conf
But, instead of syslogd, it operates with logfile owner/group/mode(permissions).
Which are ignored by syslogd (and setted in /etc/newsyslog.conf).
>How-To-Repeat:
Install sysutils/syslog-ng and switch system logging from syslogd to syslog-ng (using /usr/local/etc/syslog-ng/syslog-ng.conf copied from sample):
1. Put "syslog_ng_enable="YES"" to /etc/rc.conf
2. Execute /etc/rc.d/syslogd stop && /usr/local/etc/rc.d/syslog-ng start
3. Put "syslogd_enable="NO"" to /etc/rc.conf
Force some system event writing [for example] to /var/log/maillog or /var/log/messages
See the permissions of these file (you'll see not default, setted in /etc/newsyslog.conf, but default for syslog-ng root:wheel 0600).
>Fix:
Change declaration of log files in syslog-ng.conf[.sample]:
From:
destination messages { file("/var/log/messages"); };
to:
destination messages { file("/var/log/messages" perm(0644)); };
From:
destination maillog { file("/var/log/maillog"); };
to:
destination maillog { file("/var/log/maillog" perm(0644)); };
From:
destination ppp { file("/var/log/ppp.log"); };
to:
destination ppp { file("/var/log/ppp.log" owner("root") group("network") perm(0640)); };
And the rest from /etc/newsyslog.conf with permissions differ from root:wheel 0600 in the same way.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list