If a log file that is currently in use is renamed and a new empty file is put in its place, syslog-ng will ATTEMPT to detect the change. However, if any directory on the path is missing read and execute permission for the user syslog-ng runs as, even root, the detection fails.
In such cases syslog-ng will show the following error:
Follow mode file still does not exist; filename
For security reasons, syslog-ng drops certain capabilities when it starts. It therefore needs access to directories like a regular user, even if it is run as root, to be able to execute the system calls that detect the change after the file rotation.
The user needs read and execute permission on every directory on the path of the file source.
All of the commands below worked for setting the permission:
# chmod o+rx /home/user1
# setfacl -m u:root:rx /home/user1
# usermod -a -G user1 root
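To find which directory on the path is the problem before changing permissions, the following added example (not part of the original article or of syslog-ng) walks from the file's directory up to / and lists every directory whose mode bits do not give the user both read and execute. The function name check_path_rx is hypothetical, GNU stat is assumed, and ACL entries set with setfacl are not evaluated, so check those separately with getfacl.

```shell
#!/bin/sh
# Added example. Lists directories on the path to a file source whose mode
# bits do not give USER both read and execute. Assumes GNU stat; ACL entries
# (setfacl) are not evaluated here.
# Usage: sh check_path_rx.sh root /home/user1/app.log   (constructed file name)

check_path_rx() {
    user=$1
    case $2 in /*) ;; *) echo "absolute path required" >&2; return 2 ;; esac
    uid=$(id -u "$user") || return 2
    gids=" $(id -G "$user") "
    dir=$(dirname -- "$2")
    rc=0
    while :; do
        info=$(stat -L -c '%a %u %g' -- "$dir") || return 2
        set -- $info                      # $1=octal mode, $2=owner uid, $3=gid
        mode=$((0$1))
        if [ "$uid" -eq "$2" ]; then
            bits=$(( (mode >> 6) & 7 ))   # owner class applies
        else
            case $gids in
                *" $3 "*) bits=$(( (mode >> 3) & 7 )) ;;   # group class
                *)        bits=$(( mode & 7 )) ;;          # other class
            esac
        fi
        # r (4) and x (1) must both be set. Only mode bits are consulted,
        # because syslog-ng drops the capabilities that let root bypass them.
        if [ $(( bits & 5 )) -ne 5 ]; then
            echo "$dir"
            rc=1
        fi
        [ "$dir" = / ] && break
        dir=$(dirname -- "$dir")
    done
    return $rc
}

if [ $# -eq 2 ]; then check_path_rx "$@"; fi
```

The function returns 0 when every directory passes, 1 when at least one directory is listed, and 2 on a usage or lookup error.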