[rsyslog] rsyslog as non-root user

Rainer Gerhards rgerhards at hq.adiscon.com
Fri Feb 3 10:39:49 CET 2012


> -----Original Message-----
> From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> bounces at lists.adiscon.com] On Behalf Of Michael Maymann
> Sent: Friday, February 03, 2012 10:28 AM
> To: rsyslog-users
> Subject: Re: [rsyslog] rsyslog as non-root user
> 
> Hi,
> 
> Rainer: Thanks for your help.
> 
> Just to understand rsyslog: should the root-owned mother-proccess be
> kept
> alive (sounds like the right way to do things) or is the purpose that
> the
> motherproccess dies and child proccess gets owned by init (doesn't
> sound
> right)

It doesn't "die" (co-notation: errs) but "terminates" (co-notation: all well,
expected). Have a look yourself:

http://git.adiscon.com/?p=rsyslog.git;a=blob;f=tools/syslogd.c;h=2e7a1e23a15d
24d4a4b0558c3f33253eb5baa3c7;hb=HEAD#l1582

Rainer
> 
> If the latter: the "&" (but in background) is sufficient:
> SYSLOGD_OPTIONS="-c 6 -n &"
> Otherwise I think I would somehow need to start a new shell and execute
> the
> rsyslog command with "&", e.g.:
> SYSLOGD_OPTIONS="-c 6 -n"
> bash -c "daemon --pidfile=\"${PIDFILE}\" $exec $SYSLOGD_OPTIONS" &
> 
> Anyone with a working PrivDropToUser
> /etc/sysconfig/rsyslog+/etc/init.d/rsyslog ?
> 
> 
> Thanks in advance :-) !
> 
> Br.
> ~maymann
> 
> 
> 2012/2/3 Rainer Gerhards <rgerhards at hq.adiscon.com>
> 
> > I guess you need to understand what the init scripts demand. I don't
> do so
> > I
> > better do not provide any more comments ;)
> >
> > rainer
> >
> > > -----Original Message-----
> > > From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> > > bounces at lists.adiscon.com] On Behalf Of Michael Maymann
> > > Sent: Friday, February 03, 2012 10:04 AM
> > > To: rsyslog-users
> > > Subject: Re: [rsyslog] rsyslog as non-root user
> > >
> > > Hi,
> > >
> > > Rainer: thanks for your reply.
> > > Tried without auto-backgrounding, here is the proccesses I see:
> > > root     14814 14131  0 10:43 pts/0    00:00:00 /bin/sh
> /sbin/service
> > > rsyslog start
> > > root     14819 14814  0 10:43 pts/0    00:00:00 /bin/bash
> > > /etc/init.d/rsyslog start
> > > root     14822 14819  0 10:43 pts/0    00:00:00 /bin/bash -c ulimit
> -S
> > > -c 0
> > > >/dev/null 2>&1 ; /usr/sbin/rsyslogd -c 6 -n
> > > <PrivDropToUser> 14823 14822  0 10:43 pts/0    00:00:00
> > > /usr/sbin/rsyslogd
> > > -c 6 -n
> > >
> > > Now it doesn't seem to timeout and kill the motherproccess...:-) !
> > >
> > > Only thing is it doesn't return after:
> > > # service rsyslog start
> > >
> > > I have tried adding "&" to /etc/sysconfig/rsyslog:
> > > SYSLOGD_OPTIONS="-c 6 -n &"
> > > but again this kill the motherproccess... and my guess is the root-
> > > owned
> > > motherproccess should continue to be there - right ?
> > >
> > > Any idea how to implement this properly ?
> > >
> > >
> > > Thanks in advance :-) !
> > > ~maymann
> > >
> > >
> > > 2012/2/3 Rainer Gerhards <rgerhards at hq.adiscon.com>
> > >
> > > > > > I have attached debug info both when PrivDropTo is enabled
> and
> > > > > > disabled.
> > > > > > Only difference I can see is the 5 minutes it takes for the
> > > > > > PrivDropTo_enabled run to timeout (motherproccess dies and
> > > > > > childproccess
> > > > > > thereby gets owned by init)...
> > > > >
> > > > > Ah, it looks like you use auto-backgrounding (which is the
> default
> > > due
> > > > > to
> > > > > historical reasons). You can disable that via -n. I don't know
> if
> > > the
> > > > > init
> > > > > script expects auto-backgrounding or not...
> > > >
> > > > I should add: if auto-backgrounding is used, the parent process
> is
> > > just a
> > > > shim to start the actual instance (the child). It then waits some
> > > time on
> > > > the
> > > > child until it is sure it has started (I haven't visited that
> code
> > > for many
> > > > years...). So it is expected that the parent terminates after a
> while
> > > (and
> > > > I
> > > > think-but do not know right now- that this may take some
> minutes).
> > > >
> > > > Suggest: try without auto-backgrouning so that we know if the
> problem
> > > is
> > > > related to that Feature.
> > > >
> > > > rainer
> > > > _______________________________________________
> > > > rsyslog mailing list
> > > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > > > http://www.rsyslog.com/professional-services/
> > > >
> > > _______________________________________________
> > > rsyslog mailing list
> > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > > http://www.rsyslog.com/professional-services/
> > _______________________________________________
> > rsyslog mailing list
> > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > http://www.rsyslog.com/professional-services/
> >
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/



More information about the rsyslog mailing list