[Freeipa] [Bug 1632033] [NEW] rsyslogd is not writes arno messgages to the /var/log/arno-iptables-firewall but more other file stores them multiple times.

[zsgabor]

Public bug reported:

OS: Ubuntu 16.04.1 LTS Server

After you install the package the /var/log/arno-iptables-firewall logfile is 
not present yet.
The first time you launch the script, it writes some message to the above 
logfile and creates it with these privileges.

# ls -l /var/log/arno-iptables-firewall
-rw-r--r-- 1 root root 177 okt   10 18:23 /var/log/arno-iptables-firewall

The rsyslogd (/etc/rsyslog.d/arno-iptables-firewall.conf) is using the same 
logfile, but rsyslogd is not running with root privileges and can't write 
messages to above logfile.
On this  server the rsyslogd is running with syslog user privileges.

Workaround that I have used to solve the problem:
chown syslog:adm /var/log/arno-iptables-firewall && chmod 640 
/var/log/arno-iptables-firewall


Second problem is the rsyslogd configuration file order. There is
/etc/rsyslog.d/50-default.conf after /etc/rsyslog.d/arno-iptables-
firewall.conf rsyslog configuration file then all messages are stored
multiple times in other logfiles. Tipically in /var/log/kernlog and
/var/log/syslog file.

Workaround that I have used to solve the problem:
mv /var/log/arno-iptables-firewall /var/log/20-arno-iptables-firewall && 
systemctl restart arno-iptables-firewall.service

** Affects: arno-iptables-firewall (Ubuntu)
     Importance: Undecided
         Status: New

** Package changed: freeipa (Ubuntu) => arno-iptables-firewall (Ubuntu)

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1632033

Title:
  rsyslogd is not writes arno messgages to the /var/log/arno-iptables-
  firewall but more other file stores them multiple times.

Status in arno-iptables-firewall package in Ubuntu:
  New

Bug description:
  OS: Ubuntu 16.04.1 LTS Server

  After you install the package the /var/log/arno-iptables-firewall logfile is 
not present yet.
  The first time you launch the script, it writes some message to the above 
logfile and creates it with these privileges.

  # ls -l /var/log/arno-iptables-firewall
  -rw-r--r-- 1 root root 177 okt   10 18:23 /var/log/arno-iptables-firewall

  The rsyslogd (/etc/rsyslog.d/arno-iptables-firewall.conf) is using the same 
logfile, but rsyslogd is not running with root privileges and can't write 
messages to above logfile.
  On this  server the rsyslogd is running with syslog user privileges.

  Workaround that I have used to solve the problem:
  chown syslog:adm /var/log/arno-iptables-firewall && chmod 640 
/var/log/arno-iptables-firewall


  Second problem is the rsyslogd configuration file order. There is
  /etc/rsyslog.d/50-default.conf after /etc/rsyslog.d/arno-iptables-
  firewall.conf rsyslog configuration file then all messages are stored
  multiple times in other logfiles. Tipically in /var/log/kernlog and
  /var/log/syslog file.

  Workaround that I have used to solve the problem:
  mv /var/log/arno-iptables-firewall /var/log/20-arno-iptables-firewall && 
systemctl restart arno-iptables-firewall.service

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/arno-iptables-firewall/+bug/1632033/+subscriptions

_______________________________________________
Mailing list: https://launchpad.net/~freeipa
Post to     : freeipa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~freeipa
More help   : https://help.launchpad.net/ListHelp