Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
Unable to change the group ownership of a file in journal files
설명
The group ownership of the file/directory was configured to use an AD group. The correct ownership was correctly assigned to the file/directory however the journal files’ (*.jor) ownership remain the same.
The following errors were seen in the logs: syslog-ng[54490]: Log store warning; filename='/data/log/abc/2021/11/08/192.11.10.2-20211108.log', message='Warning: Setting permissions of log store file failed; error=\'/data/log/xyz/2021/11/08/192.11.10.2-20211108.log\''
syslog-ng[54490]: Log store warning; filename='/data/log/abc/2021/11/08/192.11.10.2-20211108.log', message='Warning: Setting permissions of journal file failed; filename=\'/data/log/xyz/2021/11/08/192.11.10.2-20211108.log.jor\' message=\'Operation not permitted\''
syslog-ng[54490]: Log store warning; filename='/data/log/abc/2021/11/08/host.test.com-20211108.log', message='Warning: Setting permissions of journal file failed; filename=\'/data/log/xyz/2021/11/08/host.test.com-20211108.log.jor\' message=\'Operation not permitted\''
syslog-ng[54490]: Log store warning; filename='/data/log/xyz/2021/11/08/192.11.10.2-20211108.log', message='Warnings: setting permissions of logstore index file failed; error=\'Operation not permitted\''
해결 방안
WORKAROUND 1. Modify the systemd service file of syslog-ng at: /usr/lib/systemd/system/syslog-ng.service
2. Change the line ExecStart=/opt/syslog-ng/sbin/syslog-ng -F --enable-core $SYSLOGNG_OPTIONS
STATUS Change Request SYSLOGDEV-6165 has been raised with our Product team for consideration of inclusion in the future release of syslog-ng Premium Edition.