| 1 |
On Wed, 16 Nov 2005, Brad Plant wrote: |
| 2 |
> I ran syslog-ng as a non-root user once before, but now I run it as |
| 3 |
> root. From what I can remember, syslog-ng opened /proc/kmsg before |
| 4 |
> dropping privileges, however when you sent the HUP signal (i.e. after |
| 5 |
> running logrotate) it closed all the files and reopened them again. |
| 6 |
> Because it no longer had root permissions, it couldn't |
| 7 |
> reopen /proc/kmsg. |
| 8 |
|
| 9 |
Why did you rotate yourself your log ? |
| 10 |
You better use MACRO like : |
| 11 |
|
| 12 |
destination full { |
| 13 |
file("/var/log/full/full_$YEAR.$MONTH.$DAY.log" log_fifo_size(1000) dir_perm(0755) create_dirs(yes)); |
| 14 |
file("/dev/tty12"); |
| 15 |
}; |
| 16 |
destination full_net { |
| 17 |
file("/var/log/net/net_$HOST.$YEAR/$MONTH.$DAY.log" dir_perm(0755) create_dirs(yes)); |
| 18 |
}; |
| 19 |
|
| 20 |
Its better usable :-) |
| 21 |
|
| 22 |
-- |
| 23 |
Jerome POGGI Jerome.Poggi@×××.fr |
| 24 |
Herve Schauer Consultants -=- Consultant Sécurité Informatique, CISSP |
| 25 |
http://www.hsc.fr/ Tèl : +33 141 409 700 |
| 26 |
|
| 27 |
-- |
| 28 |
gentoo-security@g.o mailing list |
Archives