[Nut-upsuser] UPSLog rotating

Arjen de Korte nut+users at de-korte.org
Thu Sep 18 05:56:54 UTC 2008


Citeren "Tuc at T-B-O-H.NET" <ml at t-b-o-h.net>:

>>> Sep 17 10:59:48 valhalla upslog[82020]: Signal 1: reopening log file
>>> Sep 17 10:59:48 valhalla upslog[82020]: could not reopen logfile
>>> /var/log/ups.log: Permission denied
>>
>> Well, that last line pretty much says what is wrong, doesn't it?
>>
> 	Why yes, yes it does. It says the exact same thing as it
> said before. So it means starting the program from scratch its
> fine that the file is owned by root:wheel, but WHILE its running
> it isn't. So, effectively, the program is creating a file it
> can't reuse. As if its opening it BEFORE it drops privs, but
> somehow when its HUP'd it doesn't have access anymore to the
> file it actually opened. (Since a stop and then start multiple
> times from /usr/local/etc/rc.d/nut_upslog doesn't cause the
> same issue). So, it would seem, that the logic for the file
> opening is happening before it sheds its immortal userid for
> the safety and security of the rest of the world.

This is a permissions problem. Either run 'upslog' as root ('-u root')  
or make sure it has write access to the file.

>> See above. You need to restart upslog or put the logfile in a place
>> where the user running upslog has write access.
>>
> 	Well, the user that runs upslog (root) does have access,

No. It starts as root and after opening the log file, drops  
privileges. So after that, it is effectively no longer running as root.

> and as you see it created a great file. Its just that if its
> SIGHUP'd the file stops being accessible. So, the answer is
> that even though the program itself originally starts it
> as root and the program logic opens the file it seems before
> it setuid's, I should look into the Makefile from ports
> and change the owner/group to what its set to for FreeBSD
> ports, which is :
>
> NUT_USER?=      uucp
> NUT_GROUP?=     uucp

Why? See above. Either run it as root, or make sure it has write  
access to the log when it is not running as root.

> 	Even though thats NOT what the program itself
> does under a FreeBSD ports startup.

It clearly does, otherwise it wouldn't be able to create this file in  
the first place.

Best regards, Arjen
-- 
Please keep list traffic on the list



More information about the Nut-upsuser mailing list