Project

General

Profile

Actions

Bug #2768

closed

reporting doesn't work on ubuntu server

Added by Michael Gliwinski over 12 years ago. Updated about 12 years ago.

Status:
Released
Priority:
3
Assignee:
Nicolas PERRON
Category:
System techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

This is on rudder server running on ubuntu server 12.04.

rudder-server-root 2.4.0~beta2-precise0
rudder-reports 2.4.0~beta2-precise0

Basically the problem is that /etc/rsyslog.d/rudder.conf configures rsyslog to listen on port 514, but ubuntu config (/etc/rsyslog.conf) configures rsyslog to drop privileges to 'syslog' user. Due to a bug in rsyslog, privs are dropped before the ports are bound. Since 514 is a privileged port, 'syslog' user doesn't have permissions to bind to it. See:

https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/789174

It appears some of the solutions/workarounds are:

  • change port to >= 1025
  • reconfigure rsyslog not to drop privileges
  • change port to >= 1025 but use an iptables hack to redirect traffic from port 514 (so reconfiguring clients is not necessary)

Apparently fixing rsyslog is not trivial and would require a bit of redesign.

For reference here's a log of rsyslog's startup:

rsyslogd: [origin software="rsyslogd" swVersion="5.8.6" x-pid="803" x-info="http://www.rsyslog.com"] start
rsyslogd: rsyslogd's groupid changed to 103
rsyslogd: rsyslogd's userid changed to 101
rsyslogd-2077: Could not create tcp listener, ignoring port 514. [try http://www.rsyslog.com/e/2077 ]
Actions

Also available in: Atom PDF