[rsyslog-notify] Forum Thread: Re: ERROR: imuxsock cannot create /dev/log - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Tue Feb 25 13:03:57 CET 2014
User: andygr
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24258#p24258
Message:
----------
Thank you very much for your quick answer. Unfortunately - no luck. Even
with $PrivDropToGroup and $PrivDropToUser set to root.
<quote>Starting with 4.1.1, rsyslogd provides the ability to drop
privileges by impersonating as another user and/or group after
startup.</quote>
The Wiki states it drops priv AFTER startup. To me it looks more and more
as a Droid issue.
rsyslog.conf (default no changes):
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$FileOwner root
$FileGroup root
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToGroup root
$PrivDropToUser root
$WorkDirectory /var/spool/rsyslog
$IncludeConfig /etc/rsyslog.d/*.conf
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
*.emerg :omusrmsg:*
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
More information about the rsyslog-notify
mailing list