Comment 36 for bug 407862
Revision history for this message
| Rainer Gerhards (rgerhards) wrote RE: [Bug 407862] Re: [karmic] Messages not being sent to system logs | #36 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
> > I agree. The logrotate.d file that rsyslog uses in Debian/Ubuntu
> should use the 'create' directive which says
> > which user/group to create files as.
>
> Hmm, I guess that's actually not needed. Without the create directive,
> it leaves the creating up to rsyslog, which is fine for our purposes.
... but in that case, I wonder why there is an issue in the first place.
rsyslogd, correctly configured, creates files with the correct user. If the
files have the correct user, and the right permissions, there is no issue in
re-opening files after a HUP.
The original bug report claimed that the files were root-owned. So I conclude
the problem is either of this:
a) rsyslog.conf is incorrect and does not specify the correct file owner at
the correct location
OR
b) some other process creates the files with the wrong user
In theory, there is a possibility c) that there is a bug in rsyslogd that
prevents creation with the proper owner.
So far, I outrule c) because my testing indicates this is not the case.
So it is either a) or b).
Now comes the important point: if it is a), the problem will persist, because
the provided fix will also fail because of the configuration.
So it looks like it is b). That, however, means that the current solution
works to some degree, but fails under some circumstances. This, I think, is
pretty dangerous and very hard to solve when a bug report comes in. Please
see my failure case described in the links I posted in one of my earlier
messages.
So while I have implemented a work-around in rsyslog, I still think this is
the wrong cure and careful consideration and review of all system components
is needed. Also keep in mind that the work-around will most likely always
fail with future rsyslg versions that have proper privilege drop code. Thus
the current work-around buys some time to find the component the incorrectly
creates the files - but it does not more.
Of course, distro-specific questions are not really of my concern. But I am
being somewhat persistent on this issue as I believe Ubuntu is a very
important distribution, does great work and as such deserves good
contributions.
Rainer