Comment 20 for bug 407862
Revision history for this message
| Neil Wilson (neil-aldur) wrote Re: [Bug 407862] Re: [karmic] Messages not being sent to system logs | #20 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
For me it is busted as soon as I start up the machine unless I change
the ownership on the /var/log/* files to syslog:syslog and then it
will work fine.
I've just done the same as you after a fresh install of rsyslog to
make sure I'm on the latest repository version.
* tail /var/log/syslog
* sudo /etc/init.d/rsyslog restart
* plug in usb stick
* sudo /etc/init.d/rsyslog reload
* pull usb stick out
I get the kernel messages after the restart but not the reload.
Is your /var/log the same permissions as default? Mine is owned
root:root mode 755 and the /var/log/syslog is owned root:adm with mode
640.
Rsyslog is supposed to close all the files on reload, so if a
syslog:syslog owned process can reopen a 640 mode file with root:adm
ownership then the kernel probably has a security hole :-)
This may be a thread sync problem. I'm on AMD 64 with 2 cores. Is
your architecture similar?
2009/8/31 Michael Terry <email address hidden>:
> OK, so I finally got time to sit down and look at this, and I can't
> reproduce the problem (files that rsyslog can log stop being logged
> after reload).
--
Neil Wilson