[rsyslog] rsyslog as non-root user

Michael Maymann michael at maymann.org
Sat Feb 4 08:08:50 CET 2012


Hi David,

thanks for your reply.
Now I got it working... :-) !

I'm running on RHEL6.1_x64 and my /etc/init.d/rsyslog is standard, only
thing changed is:
#exec=/sbin/rsyslogd
exec=/usr/sbin/rsyslogd

I have now the following in my /etc/sysconfig/rsyslog:
SYSLOGD_OPTIONS="-c 6 &"

so without the "-n" option but with the "&" the startup script now works
perfectly, and the motherproccess also lives for the first 5 minuted (As
Rainer was so kind to find in the code - thanks !) as it should, to make
sure everything starts up properly.

The "-n &" made the startup-script work, but killed the motherproccess
right away.
The "-n" made the startup-script fail after 5 minutes (when motherproccess
died), but rsyslog worked as it should.

I still think that when using <PrivDropTo> this behaviour should be
enforced from within rsyslog code itself (as users then didn't have to add
anything to their /etc/sysconfig/rsyslog), but I leave it up to others to
decide this...!


David+Rainer: Thanks for you help on this...much appreciated...:-) !
~maymann


2012/2/4 <david at lang.hm>

> Ok, looking through this script, one thing I see is that there is a
> comment character before the debug flag and the redirect of the output.
>
> as part of just general troubleshooting 101, I would want to capture the
> stdout and stderr of the process that's not working, so could you remove
> the "#-d" from the line and add "2>&1" to the line and see if anything
> interesting shows up in the log?
>
> the second thing is that this script is not starting rsyslog directly,
> it's using the command "daemon" to start rsyslog. It's possible that having
> rsyslog background itself and let the parent exit is confusing "daemon"
> (because daemon is monitoring the child process and when it exits, daemon
> assumes that something is wrong). If that's the case then it should work
> with the -n option to tell rsyslog not to background itself. The fact that
> adding it causes the startup script to never complete makes me think that
> daemon isn't doing it's job properly.
>
> you say that this is /etc/init.d/rsyslog.conf, but then the first line is
> referring to /etc/init.d/rsyslog, which is it? if this is a config file
> that some other script is using, the problem may be in that other script.
>
> I think you mentioned somewhere along the line, but I don't remember, what
> distro is this?
>
> In any case, this file has a bunch of stuff at the top that makes me think
> this is not a standard init file.
>
> this looks similar to an upstart file, but doesn't match my Ubuntu systems.
>
> David Lang
>
>
>
>  On Fri, 3 Feb 2012, Michael Maymann wrote:
>
>  Date: Fri, 3 Feb 2012 22:21:45 +0100
>> From: Michael Maymann <michael at maymann.org>
>> Reply-To: rsyslog-users <rsyslog at lists.adiscon.com>
>> To: rsyslog-users <rsyslog at lists.adiscon.com>
>>
>> Subject: Re: [rsyslog] rsyslog as non-root user
>>
>> Hi,
>>
>> starting it manually doesn't return the prompt either...:-( !
>>
>> here is my current /etc/init.d/rsyslog.conf anyway...:
>> # cat /etc/init.d/rsyslog
>> #!/bin/bash
>> #set -x
>> #
>> # rsyslog        Starts rsyslogd/rklogd.
>> #
>> #
>> # chkconfig: 2345 12 88
>> # description: Syslog is the facility by which many daemons use to log \
>> # messages to various system log files.  It is a good idea to always \
>> # run rsyslog.
>> ### BEGIN INIT INFO
>> # Provides: $syslog
>> # Required-Start: $local_fs
>> # Required-Stop: $local_fs
>> # Default-Start:  2 3 4 5
>> # Default-Stop: 0 1 6
>> # Short-Description: Enhanced system logging and kernel message trapping
>> daemons
>> # Description: Rsyslog is an enhanced multi-threaded syslogd supporting,
>> #              among others, MySQL, syslog/tcp, RFC 3195, permitted
>> #              sender lists, filtering on any message part, and fine
>> #              grain output format control.
>> ### END INIT INFO
>> # Source function library.
>> . /etc/init.d/functions
>> RETVAL=0
>> PIDFILE=/var/run/syslogd.pid
>> #PIDFILE=/tmp/syslogd.pid
>> prog=rsyslogd
>> #exec=/sbin/rsyslogd
>> exec=/usr/sbin/rsyslogd
>> lockfile=/var/lock/subsys/$**prog
>> #lockfile=/tmp/$prog
>> start() {
>>       [ -x $exec ] || exit 5
>>       # Source config
>>       if [ -f /etc/sysconfig/rsyslog ] ; then
>>               . /etc/sysconfig/rsyslog
>>       fi
>>       umask 077
>>       echo -n $"Starting system logger: "
>>       daemon --pidfile="${PIDFILE}" $exec $SYSLOGD_OPTIONS #-d &>
>> /tmp/rsyslog.log
>>       RETVAL=$?
>>       echo
>>       [ $RETVAL -eq 0 ] && touch $lockfile
>>       return $RETVAL
>> }
>> stop() {
>>       echo -n $"Shutting down system logger: "
>>       killproc $prog
>>       RETVAL=$?
>>       echo
>>       [ $RETVAL -eq 0 ] && rm -f $lockfile
>>       return $RETVAL
>> }
>> reload()  {
>>   RETVAL=1
>>   syslog=$(cat "${PIDFILE}" 2>/dev/null)
>>   echo -n "Reloading system logger..."
>>   if [ -n "${syslog}" ] && [ -e /proc/"${syslog}" ]; then
>>       kill -HUP "$syslog";
>>       RETVAL=$?
>>   fi
>>   if [ $RETVAL -ne 0 ]; then
>>       failure
>>   else
>>       success
>>   fi
>>   echo
>>   return $RETVAL
>> }
>> rhstatus() {
>>       status -p "${PIDFILE}" $prog
>> }
>> restart() {
>>       stop
>>       start
>> }
>> case "$1" in
>>  start)
>>       start
>>       ;;
>>  stop)
>>       stop
>>       ;;
>>  restart)
>>       restart
>>       ;;
>>  reload|force-reload)
>>       reload
>>       ;;
>>  status)
>>       rhstatus
>>       ;;
>>  condrestart|try-restart)
>>       rhstatus >/dev/null 2>&1 || exit 0
>>       restart
>>       ;;
>>  *)
>>       echo $"Usage: $0
>> {start|stop|restart|**condrestart|try-restart|**
>> reload|force-reload|status}"
>>       exit 2
>> esac
>> exit $?
>>
>>
>> Please anyone who can help with this ?
>>
>> Thanks in advance :-) !
>> ~maymann
>>
>> 2012/2/3 Michael Maymann <michael at maymann.org>
>>
>>  Hi,
>>>
>>> Yes I have, and now set them to /tmp just for testing, but same thing...:
>>> PIDFILE=/tmp/syslogd.pi
>>> lockfile=/tmp/$prog
>>>
>>> When started manually, it seems to be working just fine... also after 5
>>> minutes...:-) !:
>>> root      1498     1  0 Feb01 ?        00:00:00 /usr/sbin/sshd
>>> root     14128  1498  0 09:03 ?        00:00:00 sshd: root at pts/0
>>> root     14131 14128  0 09:04 pts/0    00:00:00 -bash
>>> <PrivDropToUser> 15442 14131 0 11:51 pts/0    00:00:00
>>> /usr/sbin/rsyslogd -c 6 -n
>>>
>>> How can I implement similar behaviour to
>>> /etc/init.d/rsyslog+/etc/**sysconfig/rsyslog...?
>>>
>>>
>>>
>>> Thanks in advance :-) !
>>> ~maymann
>>>
>>> 2012/2/3 <david at lang.hm>
>>>
>>> On Fri, 3 Feb 2012, Michael Maymann wrote:
>>>
>>>>
>>>>  Hi,
>>>>
>>>>>
>>>>> David: unfortunately this was not the case...:
>>>>> # cat /etc/sysconfig/selinux
>>>>> # This file controls the state of SELinux on the system.
>>>>> # SELINUX= can take one of these three values:
>>>>> #       enforcing - SELinux security policy is enforced.
>>>>> #       permissive - SELinux prints warnings instead of enforcing.
>>>>> #       disabled - SELinux is fully disabled.
>>>>> SELINUX=disabled
>>>>> # SELINUXTYPE= type of policy in use. Possible values are:
>>>>> #       targeted - Only targeted network daemons are protected.
>>>>> #       strict - Full SELinux protection.
>>>>> SELINUXTYPE=targeted
>>>>>
>>>>> What else could cause this problem ?
>>>>>
>>>>>
>>>> possibly a silly question, but have you verified that the user you are
>>>> dropping privileges to has write permission on the directories that you
>>>> write logs (and any queue files) to?
>>>>
>>>> David Lang
>>>>
>>>>
>>>>  Thanks in advance :-) !
>>>>> ~maymann
>>>>>
>>>>> 2012/2/2 Michael Maymann <michael at maymann.org>
>>>>>
>>>>>  Hi,
>>>>>
>>>>>>
>>>>>> David: Thanks for your reply - sounds possible... I will try this
>>>>>> first
>>>>>> thing tomorrow morning and report back with findings...
>>>>>>
>>>>>> Br.
>>>>>> ~maymann
>>>>>>
>>>>>> 2012/2/2 <david at lang.hm>
>>>>>>
>>>>>> On Thu, 2 Feb 2012, Michael Maymann wrote:
>>>>>>
>>>>>>
>>>>>>>  Hi Rainer,
>>>>>>>
>>>>>>>
>>>>>>>> I really have my doubts it has something to do with my startup
>>>>>>>> script:
>>>>>>>> 1. I only changed the exec=/usr/sbin/rsyslogd from default
>>>>>>>> 2. It works perfectly when PrivDropTo is not used in rsyslog.conf.
>>>>>>>>
>>>>>>>> I'm running on RHEL6.1_x64.
>>>>>>>> Do you have a working /etc/init.d/rsyslog what you can share/I can
>>>>>>>> test...?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> my guess is that this is a SELINUX related problem.
>>>>>>>
>>>>>>> what happens if you try to start rsyslog manually (not by running the
>>>>>>> startup script, but just running 'rsyslogd -c 6' "
>>>>>>>
>>>>>>> David Lang
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>  Thanks in advance :-) !
>>>>>>>
>>>>>>>> ~maymann
>>>>>>>>
>>>>>>>> 2012/2/2 Michael Maymann <michael at maymann.org>
>>>>>>>>
>>>>>>>>  Hi,
>>>>>>>>
>>>>>>>>
>>>>>>>>> Rainer: Sorry... forgot to mention that it doesn't say anything
>>>>>>>>> about
>>>>>>>>> failing in the logs... and it actually doesn't fail... it works and
>>>>>>>>> after
>>>>>>>>> the timeout+failed notice only the proccess owned by
>>>>>>>>> PrivDropToUser-USER is
>>>>>>>>> present, but now owned by the init-proccess (mother proccess dies):
>>>>>>>>>
>>>>>>>>> # service rsyslog start
>>>>>>>>> Starting system logger:                                    [FAILED]
>>>>>>>>>
>>>>>>>>> BEFORE failed status:
>>>>>>>>> root      9126  9125  0 11:07 pts/1    00:00:00 /usr/sbin/rsyslogd
>>>>>>>>> -c 6
>>>>>>>>> <PrivDropToUser-USER>  9131  9126  0 11:07 ?        00:00:00
>>>>>>>>> /usr/sbin/rsyslogd -c 6
>>>>>>>>>
>>>>>>>>> AFTER failed status root-owned proccess is killed and
>>>>>>>>> PrivDropToUser-USER
>>>>>>>>> owned proccess is therefore gets owned by init:
>>>>>>>>> <PrivDropToUser-USER>  9131     1  0 11:07 ?        00:00:00
>>>>>>>>> /usr/sbin/rsyslogd -c 6
>>>>>>>>>
>>>>>>>>> Anyone who can help with this...?:
>>>>>>>>> here is the debug output when starting running the init-script:
>>>>>>>>> #/etc/init.d/rsyslog start
>>>>>>>>> + . /etc/init.d/functions
>>>>>>>>> ++ TEXTDOMAIN=initscripts
>>>>>>>>> ++ umask 022
>>>>>>>>> ++ PATH=/sbin:/usr/sbin:/bin:/******usr/bin
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ++ export PATH
>>>>>>>>> ++ '[' -z '' ']'
>>>>>>>>> ++ COLUMNS=80
>>>>>>>>> ++ '[' -z '' ']'
>>>>>>>>> +++ /sbin/consoletype
>>>>>>>>> ++ CONSOLETYPE=pty
>>>>>>>>> ++ '[' -f /etc/sysconfig/i18n -a -z '' -a -z '' ']'
>>>>>>>>> ++ . /etc/profile.d/lang.sh
>>>>>>>>> ++ unset LANGSH_SOURCED
>>>>>>>>> ++ '[' -z '' ']'
>>>>>>>>> ++ '[' -f /etc/sysconfig/init ']'
>>>>>>>>> ++ . /etc/sysconfig/init
>>>>>>>>> +++ BOOTUP=color
>>>>>>>>> +++ RES_COL=60
>>>>>>>>> +++ MOVE_TO_COL='echo -en \033[60G'
>>>>>>>>> +++ SETCOLOR_SUCCESS='echo -en \033[0;32m'
>>>>>>>>> +++ SETCOLOR_FAILURE='echo -en \033[0;31m'
>>>>>>>>> +++ SETCOLOR_WARNING='echo -en \033[0;33m'
>>>>>>>>> +++ SETCOLOR_NORMAL='echo -en \033[0;39m'
>>>>>>>>> +++ PROMPT=yes
>>>>>>>>> +++ AUTOSWAP=no
>>>>>>>>> +++ ACTIVE_CONSOLES='/dev/tty[1-6]******'
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> +++ SINGLE=/sbin/sushell
>>>>>>>>> ++ '[' pty = serial ']'
>>>>>>>>> ++
>>>>>>>>> __sed_discard_ignored_files='/******\(~\|\.bak\|\.orig\|\.****
>>>>>>>>> rpmnew\|**
>>>>>>>>>
>>>>>>>>> \.rpmorig\|\.rpmsave\)$/d'
>>>>>>>>> + RETVAL=0
>>>>>>>>> + PIDFILE=/var/run/syslogd.pid
>>>>>>>>> + prog=rsyslogd
>>>>>>>>> + exec=/usr/sbin/rsyslogd
>>>>>>>>> + lockfile=/var/lock/subsys/******rsyslogd
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> + case "$1" in
>>>>>>>>> + start
>>>>>>>>> + '[' -x /usr/sbin/rsyslogd ']'
>>>>>>>>> + '[' -f /etc/sysconfig/rsyslog ']'
>>>>>>>>> + . /etc/sysconfig/rsyslog
>>>>>>>>> ++ SYSLOGD_OPTIONS='-c 6'
>>>>>>>>> + umask 077
>>>>>>>>> + echo -n 'Starting system logger: '
>>>>>>>>> Starting system logger: + daemon --pidfile=/var/run/syslogd.pid
>>>>>>>>> /usr/sbin/rsyslogd -c 6
>>>>>>>>> + local gotbase= force= nicelevel corelimit
>>>>>>>>> + local pid base= user= nice= bg= pid_file=
>>>>>>>>> + local cgroup=
>>>>>>>>> + nicelevel=0
>>>>>>>>> + '[' --pidfile=/var/run/syslogd.pid '!='
>>>>>>>>> -pidfile=/var/run/syslogd.pid
>>>>>>>>> ']'
>>>>>>>>> + case $1 in
>>>>>>>>> + pid_file=/var/run/syslogd.pid
>>>>>>>>> + shift
>>>>>>>>> + '[' /usr/sbin/rsyslogd '!=' /usr/sbin/rsyslogd ']'
>>>>>>>>> + '[' -z '' ']'
>>>>>>>>> + base=rsyslogd
>>>>>>>>> + __pids_var_run rsyslogd /var/run/syslogd.pid
>>>>>>>>> + local base=rsyslogd
>>>>>>>>> + local pid_file=/var/run/syslogd.pid
>>>>>>>>> + pid=
>>>>>>>>> + '[' -f /var/run/syslogd.pid ']'
>>>>>>>>> + return 3
>>>>>>>>> + '[' -n '' -a -z '' ']'
>>>>>>>>> + corelimit='ulimit -S -c 0'
>>>>>>>>> + '[' -n '' ']'
>>>>>>>>> + '[' -n '' ']'
>>>>>>>>> + '[' color = verbose -a -z '' ']'
>>>>>>>>> + '[' -z '' ']'
>>>>>>>>> + /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; /usr/sbin/rsyslogd
>>>>>>>>> -c
>>>>>>>>> 6'
>>>>>>>>> ...
>>>>>>>>> (hangs here for a long time)
>>>>>>>>> ...
>>>>>>>>> + '[' 1 -eq 0 ']'
>>>>>>>>> + failure 'rsyslogd startup'
>>>>>>>>> + local rc=1
>>>>>>>>> + '[' color '!=' verbose -a -z '' ']'
>>>>>>>>> + echo_failure
>>>>>>>>> + '[' color = color ']'
>>>>>>>>> + echo -en '\033[60G'
>>>>>>>>>                                                         + echo -n
>>>>>>>>> '['
>>>>>>>>> [+ '[' color = color ']'
>>>>>>>>> + echo -en '\033[0;31m'
>>>>>>>>> + echo -n FAILED
>>>>>>>>> FAILED+ '[' color = color ']'
>>>>>>>>> + echo -en '\033[0;39m'
>>>>>>>>> + echo -n ']'
>>>>>>>>> ]+ echo -ne '\r'
>>>>>>>>> + return 1
>>>>>>>>> + '[' -x /usr/bin/plymouth ']'
>>>>>>>>> + /usr/bin/plymouth --details
>>>>>>>>> + return 1
>>>>>>>>> + RETVAL=1
>>>>>>>>> + echo
>>>>>>>>>
>>>>>>>>> + '[' 1 -eq 0 ']'
>>>>>>>>> + return 1
>>>>>>>>> + exit 1
>>>>>>>>>
>>>>>>>>> I have tried to give 777-access to /var/run and /var/lock/subsys -
>>>>>>>>> but
>>>>>>>>> same thing happens...
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks in advance :-) !
>>>>>>>>>
>>>>>>>>> Br.
>>>>>>>>> ~maymann
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2012/2/2 Rainer Gerhards <rgerhards at hq.adiscon.com>
>>>>>>>>>
>>>>>>>>>  I can only help you with that part if you point me to why exactly
>>>>>>>>> the
>>>>>>>>>
>>>>>>>>>  script
>>>>>>>>>> claims what it does. So you may want to try find someone who can
>>>>>>>>>> do
>>>>>>>>>> that.
>>>>>>>>>> I
>>>>>>>>>> know this is probably a trivial question, but I don't know
>>>>>>>>>> anything
>>>>>>>>>> ;)
>>>>>>>>>>
>>>>>>>>>> Sry, rainer
>>>>>>>>>>
>>>>>>>>>>  -----Original Message-----
>>>>>>>>>>
>>>>>>>>>>  From: rsyslog-bounces at lists.adiscon.**
>>>>>>>>>>> ****com<rsyslog-bounces at lists.
>>>>>>>>>>> **adiscon.com <rsyslog-bounces at lists.**adiscon.com<rsyslog-bounces at lists.adiscon.com>
>>>>>>>>>>> >>[mailto:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> rsyslog-
>>>>>>>>>>> bounces at lists.adiscon.com] On Behalf Of Michael Maymann
>>>>>>>>>>> Sent: Thursday, February 02, 2012 10:03 AM
>>>>>>>>>>> To: rsyslog-users
>>>>>>>>>>> Subject: Re: [rsyslog] rsyslog as non-root user
>>>>>>>>>>>
>>>>>>>>>>> Here is my startup script... only thing changed is the path to
>>>>>>>>>>> the
>>>>>>>>>>> new
>>>>>>>>>>> 6.3.6-rsyslog-devel binary.
>>>>>>>>>>> The startup-scripts works also perfectly when i comment out the
>>>>>>>>>>> PrivDropToUser+PrivDropToGroup in /etc/rsyslog.conf - but failes
>>>>>>>>>>> if i
>>>>>>>>>>> have
>>>>>>>>>>> both or one of the entries...:
>>>>>>>>>>> #!/bin/bash
>>>>>>>>>>> #
>>>>>>>>>>> # rsyslog        Starts rsyslogd/rklogd.
>>>>>>>>>>> #
>>>>>>>>>>> #
>>>>>>>>>>> # chkconfig: 2345 12 88
>>>>>>>>>>> # description: Syslog is the facility by which many daemons use
>>>>>>>>>>> to
>>>>>>>>>>> log
>>>>>>>>>>> \
>>>>>>>>>>> # messages to various system log files.  It is a good idea to
>>>>>>>>>>> always \
>>>>>>>>>>> # run rsyslog.
>>>>>>>>>>> ### BEGIN INIT INFO
>>>>>>>>>>> # Provides: $syslog
>>>>>>>>>>> # Required-Start: $local_fs
>>>>>>>>>>> # Required-Stop: $local_fs
>>>>>>>>>>> # Default-Start:  2 3 4 5
>>>>>>>>>>> # Default-Stop: 0 1 6
>>>>>>>>>>> # Short-Description: Enhanced system logging and kernel message
>>>>>>>>>>> trapping
>>>>>>>>>>> daemons
>>>>>>>>>>> # Description: Rsyslog is an enhanced multi-threaded syslogd
>>>>>>>>>>> supporting,
>>>>>>>>>>> #              among others, MySQL, syslog/tcp, RFC 3195,
>>>>>>>>>>> permitted
>>>>>>>>>>> #              sender lists, filtering on any message part, and
>>>>>>>>>>> fine
>>>>>>>>>>> #              grain output format control.
>>>>>>>>>>> ### END INIT INFO
>>>>>>>>>>>
>>>>>>>>>>> # Source function library.
>>>>>>>>>>> . /etc/init.d/functions
>>>>>>>>>>>
>>>>>>>>>>> RETVAL=0
>>>>>>>>>>> PIDFILE=/var/run/syslogd.pid
>>>>>>>>>>>
>>>>>>>>>>> prog=rsyslogd
>>>>>>>>>>> #exec=/sbin/rsyslogd
>>>>>>>>>>> exec=/usr/sbin/rsyslogd
>>>>>>>>>>> lockfile=/var/lock/subsys/$******prog
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> start() {
>>>>>>>>>>>      [ -x $exec ] || exit 5
>>>>>>>>>>>
>>>>>>>>>>>      # Source config
>>>>>>>>>>>      if [ -f /etc/sysconfig/rsyslog ] ; then
>>>>>>>>>>>              . /etc/sysconfig/rsyslog
>>>>>>>>>>>      fi
>>>>>>>>>>>      umask 077
>>>>>>>>>>>
>>>>>>>>>>>      echo -n $"Starting system logger: "
>>>>>>>>>>>      daemon --pidfile="${PIDFILE}" $exec $SYSLOGD_OPTIONS
>>>>>>>>>>>      RETVAL=$?
>>>>>>>>>>>      echo
>>>>>>>>>>>      [ $RETVAL -eq 0 ] && touch $lockfile
>>>>>>>>>>>      return $RETVAL
>>>>>>>>>>> }
>>>>>>>>>>> stop() {
>>>>>>>>>>>      echo -n $"Shutting down system logger: "
>>>>>>>>>>>      killproc $prog
>>>>>>>>>>>      RETVAL=$?
>>>>>>>>>>>      echo
>>>>>>>>>>>      [ $RETVAL -eq 0 ] && rm -f $lockfile
>>>>>>>>>>>      return $RETVAL
>>>>>>>>>>> }
>>>>>>>>>>> reload()  {
>>>>>>>>>>>  RETVAL=1
>>>>>>>>>>>  syslog=$(cat "${PIDFILE}" 2>/dev/null)
>>>>>>>>>>>  echo -n "Reloading system logger..."
>>>>>>>>>>>  if [ -n "${syslog}" ] && [ -e /proc/"${syslog}" ]; then
>>>>>>>>>>>      kill -HUP "$syslog";
>>>>>>>>>>>      RETVAL=$?
>>>>>>>>>>>  fi
>>>>>>>>>>>  if [ $RETVAL -ne 0 ]; then
>>>>>>>>>>>      failure
>>>>>>>>>>>  else
>>>>>>>>>>>      success
>>>>>>>>>>>  fi
>>>>>>>>>>>  echo
>>>>>>>>>>>  return $RETVAL
>>>>>>>>>>> }
>>>>>>>>>>> rhstatus() {
>>>>>>>>>>>      status -p "${PIDFILE}" $prog
>>>>>>>>>>> }
>>>>>>>>>>> restart() {
>>>>>>>>>>>      stop
>>>>>>>>>>>      start
>>>>>>>>>>> }
>>>>>>>>>>>
>>>>>>>>>>> case "$1" in
>>>>>>>>>>>  start)
>>>>>>>>>>>      start
>>>>>>>>>>>      ;;
>>>>>>>>>>>  stop)
>>>>>>>>>>>      stop
>>>>>>>>>>>      ;;
>>>>>>>>>>>  restart)
>>>>>>>>>>>      restart
>>>>>>>>>>>      ;;
>>>>>>>>>>>  reload|force-reload)
>>>>>>>>>>>      reload
>>>>>>>>>>>      ;;
>>>>>>>>>>>  status)
>>>>>>>>>>>      rhstatus
>>>>>>>>>>>      ;;
>>>>>>>>>>>  condrestart|try-restart)
>>>>>>>>>>>      rhstatus >/dev/null 2>&1 || exit 0
>>>>>>>>>>>      restart
>>>>>>>>>>>      ;;
>>>>>>>>>>>  *)
>>>>>>>>>>>      echo $"Usage: $0
>>>>>>>>>>> {start|stop|restart|******condrestart|try-restart|******
>>>>>>>>>>> reload|force-
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> reload|status}"
>>>>>>>>>>>      exit 2
>>>>>>>>>>> esac
>>>>>>>>>>>
>>>>>>>>>>> exit $?
>>>>>>>>>>>
>>>>>>>>>>> 2012/2/2 Rainer Gerhards <rgerhards at hq.adiscon.com>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>   -----Original Message-----
>>>>>>>>>>>>
>>>>>>>>>>>>  From: rsyslog-bounces at lists.adiscon.******com<
>>>>>>>>>>>>> rsyslog-bounces at lists.**adisco**n.com <http://adiscon.com><
>>>>>>>>>>>>> rsyslog-bounces at lists.**adiscon.com<rsyslog-bounces at lists.adiscon.com>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>  [mailto:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> rsyslog-
>>>>>>>>>>>>> bounces at lists.adiscon.com] On Behalf Of Michael Maymann
>>>>>>>>>>>>> Sent: Wednesday, February 01, 2012 9:08 AM
>>>>>>>>>>>>> To: rsyslog-users
>>>>>>>>>>>>> Subject: Re: [rsyslog] rsyslog as non-root user
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>
>>>>>>>>>>>>> David: thanks - got it working with permission dropping, by far
>>>>>>>>>>>>> my
>>>>>>>>>>>>> prefered
>>>>>>>>>>>>> configuration... just didn't know of it...:-) !
>>>>>>>>>>>>> Rainer: please let us know if the debug info of the "permission
>>>>>>>>>>>>> dropping:
>>>>>>>>>>>>> hang+timeout" I send you can solve anything... anyway it works
>>>>>>>>>>>>> now
>>>>>>>>>>>>>
>>>>>>>>>>>>>  -
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>  but
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>  not optimal if other people have to service my setup...:-) !
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  I have reviewed the debug log and I see nothing unexpected.
>>>>>>>>>>>> From
>>>>>>>>>>>> the
>>>>>>>>>>>> timestamps I also see that there is no hang whatsoever. So it
>>>>>>>>>>>> looks
>>>>>>>>>>>>
>>>>>>>>>>>>  like
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  there is some problem with the startup script, which I don't
>>>>>>>>>>>
>>>>>>>>>>>> know. I
>>>>>>>>>>>> suggest
>>>>>>>>>>>> to ask what the FAILED status is caused by. We can then look why
>>>>>>>>>>>> this
>>>>>>>>>>>> happens.
>>>>>>>>>>>>
>>>>>>>>>>>> Sorry I have no better answer...
>>>>>>>>>>>> Rainer
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>  Thanks in advance :-) !
>>>>>>>>>>>>
>>>>>>>>>>>>> ~maymann
>>>>>>>>>>>>>
>>>>>>>>>>>>> 2012/2/1 <david at lang.hm>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  On Tue, 31 Jan 2012, Michael Maymann wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>>  Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  I have now setup a 6.3.6-devel rsyslog server that is working
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  fine
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   running
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  as root.
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  I would like to run it as non-root user as my logfiles are
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  located
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   on NFS
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  (and root export of NFS is generally not a good idea !).
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Here is my rsyslog.conf:
>>>>>>>>>>>>>>> #LOAD MODULES
>>>>>>>>>>>>>>> $ModLoad imudp
>>>>>>>>>>>>>>> $UDPServerRun 514
>>>>>>>>>>>>>>> $UDPServerAddress 127.0.0.1
>>>>>>>>>>>>>>> $ModLoad imtcp
>>>>>>>>>>>>>>> $InputTCPServerRun 514
>>>>>>>>>>>>>>> #SET DESTINATION FOR LOGS
>>>>>>>>>>>>>>> $template
>>>>>>>>>>>>>>> DYNmessages,"<PATH_TO>/%********
>>>>>>>>>>>>>>> FROMHOST%/%FROMHOST%_%$YEAR%.%****
>>>>>>>>>>>>>>> ****
>>>>>>>>>>>>>>> $MONTH%_messages"
>>>>>>>>>>>>>>> $template
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  DYNsecure,"<PATH_TO>/%********
>>>>>>>>>>>>>>> FROMHOST%/%FROMHOST%_%$YEAR%.%****
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> **
>>>>>>>>>>>>>
>>>>>>>>>>>>>  **$MONTH%_secure"
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  $template
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  DYNmaillog,"<PATH_TO>/%********
>>>>>>>>>>>>>>> FROMHOST%/%FROMHOST%_%$YEAR%.%***
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ***
>>>>>>>>>>>>>
>>>>>>>>>>>>>  **$MONTH%_maillo
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  g"
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  $template
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  DYNcron,"<PATH_TO>/%FROMHOST%/**
>>>>>>>>>>>>>>> ******%FROMHOST%_%$YEAR%.%$**
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> MONTH%_****
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  cron"
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  $template
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  DYNspooler,"<PATH_TO>/%********
>>>>>>>>>>>>>>> FROMHOST%/%FROMHOST%_%$YEAR%.%***
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ***
>>>>>>>>>>>>>
>>>>>>>>>>>>>  **$MONTH%_spoole
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  r"
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  $template
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  DYNboot,"<PATH_TO>/%FROMHOST%/**
>>>>>>>>>>>>>>> ******%FROMHOST%_%$YEAR%.%$**
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> MONTH%_**
>>>>>>>>>>>>>
>>>>>>>>>>>>>  **boot.log"
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  $template
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>   DYNtraps,"<PATH_TO>/%FROMHOST%**
>>>>>>>>>>>>>>> ******/%FROMHOST%_%$YEAR%.%$**
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> MONTH%**
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  _**
>>>>>>>>>>>>>
>>>>>>>>>>>>>  traps"
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  #SET LOGGING CONDITIONS
>>>>>>>>>>>>>>> if $syslogseverity <= '6' then ?DYNmessages
>>>>>>>>>>>>>>> if $syslogfacility-text == 'authpriv' then ?DYNsecure
>>>>>>>>>>>>>>> if $syslogfacility-text == 'mail' then ?DYNmaillog
>>>>>>>>>>>>>>> if $syslogfacility-text == 'cron' then ?DYNcron
>>>>>>>>>>>>>>> if $syslogseverity-text == 'crit' then ?DYNspooler
>>>>>>>>>>>>>>> if $syslogfacility-text == 'local7' then ?DYNboot
>>>>>>>>>>>>>>> if $syslogfacility-text == 'local6' and $syslogseverity-text
>>>>>>>>>>>>>>> ==
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  'WARNING'
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  then ?DYNtraps
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Here is my logfile when I try to start rsyslog as a non-root
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  user:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   2012-01-31T15:45:52.997693+02:********00 <hostname>
>>>>>>>>>>> rsyslogd:
>>>>>>>>>>>
>>>>>>>>>>>> [origin
>>>>>>>>>>>>
>>>>>>>>>>>>   software="rsyslogd" swVersion="6.3.6" x-pid="26185" x-info="
>>>>>>>>>>>>>
>>>>>>>>>>>>>> http://www.rsyslog.com"] start
>>>>>>>>>>>>>>> 2012-01-31T15:45:52.997294+02:********00 <hostname>
>>>>>>>>>>>>>>> rsyslogd:
>>>>>>>>>>>>>>> bind:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  Permission
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  denied
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  2012-01-31T15:45:52.997369+02:********00 <hostname>
>>>>>>>>>>>>>>> rsyslogd:
>>>>>>>>>>>>>>> bind:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  Permission
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  denied
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  2012-01-31T15:45:52.997374+02:********00 <hostname>
>>>>>>>>>>>>>>> rsyslogd:
>>>>>>>>>>>>>>> No UDP
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  listen
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  socket
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  could successfully be initialized, message reception via UDP
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  disabled.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  2012-01-31T15:45:52.997376+02:********00 <hostname> rsyslogd:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> imudp:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  no
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   listeners
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>   could be started, input not activated.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2012-01-31T15:45:52.997379+02:********00 <hostname>
>>>>>>>>>>>>>>> rsyslogd3:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  activation
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   of
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  module
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  imudp failed [try http://www.rsyslog.com/e/-3 ]
>>>>>>>>>>>>>>> 2012-01-31T15:45:52.997643+02:********00 <hostname>
>>>>>>>>>>>>>>> rsyslogd-2077:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  Could
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   not
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  create
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  tcp listener, ignoring port 514. [try
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  http://www.rsyslog.com/e/2077
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   ]
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>   So permissions to bind and sockets seems to be the problem...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  yes, you cannot bind to ports <1024 as a normal user
>>>>>>>>>>>>>>> (without
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  making
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>   some
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  other non-standard changes through sysctl)
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  1. Is it possible to make rsyslog write logfiles as a
>>>>>>>>>>>>>> non-root
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  user
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>   - if
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  yes: how ?
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  permission drop features
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  2a. Is it possible to add permissions for non-root user to
>>>>>>>>>>>>>> run
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  rsyslog
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  server - if yes: how ?
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  pick a listening port > 1024 and it should work.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  2b. How do I start rsyslog during boot as non-root user - can
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  chkconfig do
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  this ? do I need to edit /etc/init.d/rsyslog - if yes: how ?
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>  su can run a command as a different user.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> although as Rainer points out, you may just be looking for the
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  permission
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  dropping features that are already in rsyslog.
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> David Lang
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ______________________________********_________________
>>>>>>>>>>>>>> rsyslog mailing list
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  http://lists.adiscon.net/********mailman/listinfo/rsyslog<http://lists.adiscon.net/******mailman/listinfo/rsyslog>
>>>>>>>>>>>>>> <http**://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>
>>>>>>>>>>>>> <http:**//lists.adiscon.net/****mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/**listinfo/rsyslog>
>>>>>>>>>>>>> <htt**p://lists.adiscon.net/****mailman/listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  <http:**//lists.adisco <http://lists.adisco>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  n.net/mailman/listinfo/****rsyslog**<http://n.net/mailman/listinfo/**rsyslog**>
>>>>>>>>>>> <http://n.net/**mailman/listinfo/rsyslog**<http://n.net/mailman/listinfo/rsyslog**>
>>>>>>>>>>> >
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>  http://www.rsyslog.com/********professional-<http://www.rsyslog.com/******professional->
>>>>>>>>>>>>> <http://www.**rsyslog.com/****professional-<http://www.rsyslog.com/****professional->
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>> <http://www.**rsyslog.com/****professional-<http://rsyslog.com/**professional->
>>>>>>>>>>>>>> <http://www.**rsyslog.com/**professional-<http://www.rsyslog.com/**professional->
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  services/<http://www.rsyslog.***
>>>>>>>>>>>>>> ***com/professional-services/<**ht
>>>>>>>>>>>>>>
>>>>>>>>>>>>> **tp://www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>>>>>>> <http://**www.rsyslog.com/professional-**services/<http://www.rsyslog.com/professional-services/>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>   ______________________________******_________________
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  rsyslog mailing list
>>>>>>>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>>>>>>> >
>>>>>>>>>>>>> <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>>>>>>>> >
>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>  ______________________________******_________________
>>>>>>>>>>>>>
>>>>>>>>>>>> rsyslog mailing list
>>>>>>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>>>>>> >
>>>>>>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>>>>>>> >
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>>>>>> >
>>>>>>>>>>>> <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>>>>>>> >
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>  ______________________________******_________________
>>>>>>>>>>>>
>>>>>>>>>>>>  rsyslog mailing list
>>>>>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>>>>> >
>>>>>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>>>>>> >
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>>>>> >
>>>>>>>>>>> <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>>>>>> >
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>  ______________________________******_________________
>>>>>>>>>>>
>>>>>>>>>> rsyslog mailing list
>>>>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>>>> >
>>>>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>>>> >
>>>>>>>>>> <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>   ______________________________******_________________
>>>>>>>>>
>>>>>>>>>  rsyslog mailing list
>>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>>> >
>>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>>> >
>>>>>>>>
>>>>>>>>>
>>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>>> >
>>>>>>>> <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>>> >
>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>  ______________________________******_________________
>>>>>>>>
>>>>>>>>  rsyslog mailing list
>>>>>>> http://lists.adiscon.net/******mailman/listinfo/rsyslog<http://lists.adiscon.net/****mailman/listinfo/rsyslog>
>>>>>>> <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>>>> >
>>>>>>>  <http:**//lists.adiscon.net/**mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/**listinfo/rsyslog>
>>>>>>> <htt**p://lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>>>> >
>>>>>>>
>>>>>>>>
>>>>>>>>  http://www.rsyslog.com/******professional-services/<http://www.rsyslog.com/****professional-services/>
>>>>>>> <http://**www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>>>> >
>>>>>>>  <http://**www.rsyslog.com/**professional-**services/<http://www.rsyslog.com/professional-**services/>
>>>>>>> <http:**//www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>>>>>> >
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>  ______________________________****_________________
>>>>>>
>>>>> rsyslog mailing list
>>>>> http://lists.adiscon.net/****mailman/listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>>> <http:**//lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>>> >
>>>>> http://www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>>> <http://**www.rsyslog.com/professional-**services/<http://www.rsyslog.com/professional-services/>
>>>>> >
>>>>>
>>>>>  ______________________________****_________________
>>>>>
>>>> rsyslog mailing list
>>>> http://lists.adiscon.net/****mailman/listinfo/rsyslog<http://lists.adiscon.net/**mailman/listinfo/rsyslog>
>>>> <http:**//lists.adiscon.net/mailman/**listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>>>> >
>>>> http://www.rsyslog.com/****professional-services/<http://www.rsyslog.com/**professional-services/>
>>>> <http://**www.rsyslog.com/professional-**services/<http://www.rsyslog.com/professional-services/>
>>>> >
>>>>
>>>>
>>>
>>>  ______________________________**_________________
>> rsyslog mailing list
>> http://lists.adiscon.net/**mailman/listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
>> http://www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>>
>>  ______________________________**_________________
> rsyslog mailing list
> http://lists.adiscon.net/**mailman/listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
> http://www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
>



More information about the rsyslog mailing list