rsyslog-pkg-ubuntu icon indicating copy to clipboard operation
rsyslog-pkg-ubuntu copied to clipboard

Published 20 hours ago verified publisher icon rsyslog

Ubuntu PPA package does not provide override for default 0755 /var/log permissions applied by systemd

Open deoren opened this issue 7 years ago • 8 comments

See rsyslog/rsyslog#1655 for details.

deoren avatar Jul 12 '17 12:07 deoren

Need more details on where to change this.

friedl avatar Nov 10 '17 15:11 friedl

Background

The /usr/lib/tmpfiles.d/00rsyslog.conf file is provided by the stock Ubuntu rsyslog package. Users can create their own overrides within the /etc/tmpfiles.d/ directory.

If an Ubuntu 16.04 system is used, then activating the PPA and upgrading rsyslog to the latest version leaves behind the orphaned Ubuntu-provided /usr/lib/tmpfiles.d/00rsyslog.conf file.

If an Ubuntu 14.04 system is used, activating the PPA installs the latest rsyslog package(s), but does not provide that file. As long as the system remains at 14.04 no problems are noticed with permissions on /var/log. Upgrading to 16.04 does not provide the /usr/lib/tmpfiles.d/00rsyslog.conf file since the provided version of rsyslog from the PPA is higher than the version available from the stock Ubuntu 16.04 repo(s).

Permissions on a freshly installed 16.04 box

ubuntu@ubuntu-virtual-machine:~$ getfacl /var/log

getfacl: Removing leading '/' from absolute path names
# file: var/log
# owner: root
# group: syslog
user::rwx
group::rwx
other::r-x

systemd tmpfiles.d override provided by Ubuntu

Proving what package provided the file:

ubuntu@ubuntu-virtual-machine:~$ dpkg -S /usr/lib/tmpfiles.d/00rsyslog.conf

rsyslog: /usr/lib/tmpfiles.d/00rsyslog.conf

Version currently installed (and where it came from):

ubuntu@ubuntu-virtual-machine:~$ dpkg -l rsyslog

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                          Version                     Architecture                Description
+++-=============================================-===========================-===========================-===============================================================================================
ii  rsyslog                                       8.16.0-1ubuntu3             amd64                       reliable system and kernel logging daemon

Contents of override file:

ubuntu@ubuntu-virtual-machine:~$ cat /usr/lib/tmpfiles.d/00rsyslog.conf 

# Override systemd's default tmpfiles.d/var.conf to make /var/log writable by
# the syslog group, so that rsyslog can run as user.
# See tmpfiles.d(5) for details.

# Type Path    Mode UID  GID  Age Argument
d /var/log 0775 root syslog -

Thoughts

Since the original package provides the /usr/lib/tmpfiles.d/00rsyslog.conf file, it seems like a good idea for the PPA-provided package to provide the same file. If the file exists, then I assume that the package provided file would (following the default behavior of existing files) be set aside as /usr/lib/tmpfiles.d/00rsyslog.conf.dpkg-new. If not and the original /usr/lib/tmpfiles.d/00rsyslog.conf file is overwritten, then users essentially get their knuckles popped for going against the established practice of placing custom files within /etc instead of system locations (such as /usr/lib/tmpfiles.d/00rsyslog.conf).

deoren avatar Nov 10 '17 16:11 deoren

My 2cts: I think it would be useful to keep as close as possible to the original Ubuntu package. It might be a good idea to pull the Ubuntu source package definitions for 16.04 and re-apply them to the PPA, just making those changes that are actually necessary.

PR's are for sure also happily accepted (packaging is not a core competency over here, we just provide "as good as possible" service to serve some need ;-)).

rgerhards avatar Nov 10 '17 16:11 rgerhards

And I should mention that we hopefully nailed today why the issue/PR trackers received so little attention in the past. I think we can consider that solved ;-)

rgerhards avatar Nov 10 '17 16:11 rgerhards

@rgerhards: My 2cts: I think it would be useful to keep as close as possible to the original Ubuntu package. It might be a good idea to pull the Ubuntu source package definitions for 16.04 and re-apply them to the PPA, just making those changes that are actually necessary.

That makes sense to me.

@rgerhards: PR's are for sure also happily accepted (packaging is not a core competency over here, we just provide "as good as possible" service to serve some need ;-)).

Understood. I don't have experience building packages, otherwise I would offer a PR. Maybe in the future once I have some experience (this is a particular interest of mine).

@rgerhards: And I should mention that we hopefully nailed today why the issue/PR trackers received so little attention in the past. I think we can consider that solved ;-)

A technical issue with a notification system?

deoren avatar Nov 10 '17 16:11 deoren

Maybe in the future once I have some experience (this is a particular interest of mine).

(Y)

A technical issue with a notification system?

... kind of ;-) Let's call it "filters going overboard".

rgerhards avatar Nov 10 '17 16:11 rgerhards

@rgerhards: Let's call it "filters going overboard"..

Heh, I've been there. Glad you have it sorted.

If I assist further with this please let me know. I have easy access to Ubuntu 14.04 and 16.04 systems, so I don't mind helping test any changes your team would like to apply to the packages.

deoren avatar Nov 10 '17 16:11 deoren

@deoren I have opened https://github.com/rsyslog/rsyslog-pkg-ubuntu/issues/69 to not pollute this tracker too much

rgerhards avatar Nov 10 '17 16:11 rgerhards