Bug 1316125

[cloud-user@atomic-00 ~]$ sudo docker exec e7ad07f74984 rsyslogd -N1
rsyslogd: version 7.4.7, config validation run (level 1), master config /etc/rsyslog.conf
rsyslogd: warning: ~ action is deprecated, consider using the 'stop' statement instead [try http://www.rsyslog.com/e/2307 ]
rsyslogd: End of config validation run. Bye.

[cloud-user@atomic-00 ~]$ sudo docker exec e7ad07f74984 logger "This is a log test."

[cloud-user@atomic-00 ~]$ sudo docker exec e7ad07f74984 grep -R "This is a log test." /var/log/*
Binary file /var/log/journal/1bd47c60885a4610a7e034392922c231/user-1000.journal matches
/var/log/secure:Mar 19 04:48:50 atomic-00 sudo: cloud-user : TTY=pts/0 ; PWD=/var/home/cloud-user ; USER=root ; COMMAND=/bin/docker exec e7ad07f74984 logger This is a log test.
/var/log/secure:Mar 19 04:49:02 atomic-00 sudo: cloud-user : TTY=pts/0 ; PWD=/var/home/cloud-user ; USER=root ; COMMAND=/bin/docker exec e7ad07f74984 grep This is a log test. /var/log/messages
/var/log/secure:Mar 19 04:49:37 atomic-00 sudo: cloud-user : TTY=pts/0 ; PWD=/var/home/cloud-user ; USER=root ; COMMAND=/bin/docker exec e7ad07f74984 grep This is a log test. /var/log/lastlog
/var/log/secure:Mar 19 04:49:55 atomic-00 sudo: cloud-user : TTY=pts/0 ; PWD=/var/home/cloud-user ; USER=root ; COMMAND=/bin/docker exec e7ad07f74984 grep -R This is a log test. /var/log/anaconda /var/log/btmp /var/log/btmp-20160304 /var/log/ceph /var/log/chrony /var/log/cloud-init.log /var/log/cron /var/log/dmesg /var/log/dmesg.old /var/log/glusterfs /var/log/journal /var/log/lastlog /var/log/maillog /var/log/messages /var/log/ppp /var/log/rhsm /var/log/sa /var/log/samba /var/log/secure /var/log/spooler /var/log/sssd /var/log/tuned /var/log/wpa_supplicant.log /var/log/wtmp /var/log/yum.log

The rsyslog daemon is running in the rsyslog docker container, and there is no invalid configuration in rsyslog, but logger testing doesn't work, I can't find log message is written in /var/log/*

Hi Alex,

I tested it and the test with logger really doesn't work. Don't know why yet, I'll have to look deeper.
Not sure what the correct procedure is, but could you perhaps duplicate this bug or make a new one so that it gets tracked separately? The 7.2.3 image has already been built yesterday so this will have to go in the next batch.

Eliska, Frantisek, it works well if I don't run logger command in the rsyslog container, which is onto an Atomic Host.

[cloud-user@atomic-00 ~]$ sudo atomic host status
  TIMESTAMP (UTC)         VERSION                ID             OSNAME               REFSPEC                                                                  
* 2016-03-11 19:31:01     7.2.3                  f6f9c97816     rhel-atomic-host     rhel-atomic-host-ostree:rhel-atomic-host/7/x86_64/standard


[cloud-user@atomic-00 ~]$ sudo docker images
registry.access.stage.redhat.com/rhel7/rsyslog                     7.2-18              94cd8d14e5a9        2 weeks ago         215.7 MB

[cloud-user@atomic-00 ~]$ sudo atomic install registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18
docker run --rm --privileged -v /:/host -e HOST=/host -e IMAGE=registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18 -e NAME=rsyslog registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18 /bin/install.sh

[cloud-user@atomic-00 ~]$ sudo atomic run registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18
docker run -d --privileged --name rsyslog --net=host --pid=host -v /etc/pki/rsyslog:/etc/pki/rsyslog -v /etc/rsyslog.conf:/etc/rsyslog.conf -v /etc/sysconfig/rsyslog:/etc/sysconfig/rsyslog -v /etc/rsyslog.d:/etc/rsyslog.d -v /var/log:/var/log -v /var/lib/rsyslog:/var/lib/rsyslog -v /run:/run -v /etc/machine-id:/etc/machine-id -v /etc/localtime:/etc/localtime -e IMAGE=registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18 -e NAME=rsyslog --restart=always registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18 /bin/rsyslog.sh

This container uses privileged security switches:

INFO: --net=host 
      Processes in this container can listen to ports (and possibly rawip traffic) on the host's network.

INFO: --pid=host 
      Processes in this container can see and interact with all processes on the host and disables SELinux within the container.

INFO: --privileged 
      This container runs without separation and should be considered the same as root on your system.

For more information on these switches and their security implications, consult the manpage for 'docker run'.

c7f002877942a311e0f883e181cd9d365b805c299fa47f0eb7ec30820cd80a10

[cloud-user@atomic-00 ~]$ sudo docker ps
CONTAINER ID        IMAGE                                                   COMMAND             CREATED             STATUS              PORTS               NAMES
c7f002877942        registry.access.stage.redhat.com/rhel7/rsyslog:7.2-18   "/bin/rsyslog.sh"   5 seconds ago       Up 3 seconds                            rsyslog


Open the second terminal window of Atomic Host then monitor /var/log/messages

[cloud-user@atomic-00 ~]$ sudo tail -f /var/log/messages


Back to the first terminal window of Atomic Host then run logger test, please don't run logger test in the rsyslog container. 
  

[cloud-user@atomic-00 ~]$ sudo logger "This is a log test."


Return the second terminal to check log messages, you will see an expected log messages as follows.

Mar 24 08:36:02 atomic-00 cloud-user: This is a log test.


So moving the bug to VERIFIED status per above testing.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0573.html