RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1000102 - rsyslogd does not have its own process group or session id
Summary: rsyslogd does not have its own process group or session id
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: rsyslog
Version: 6.4
Hardware: All
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Radovan Sroka
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-08-22 16:53 UTC by Todd Vierling
Modified: 2017-11-30 12:44 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-30 12:44:28 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
modification to use setsid() (217 bytes, patch)
2013-08-22 16:53 UTC, Todd Vierling 		no flags Details | Diff
View All

Description Todd Vierling 2013-08-22 16:53:27 UTC 
Created attachment 789275 [details]
modification to use setsid()

Description of problem:
rsyslogd does not own its pgrp or sid like most other system daemons

Version-Release number of selected component (if applicable):
rsyslog-5.8.10-6.el6

How reproducible:
Always

Steps to Reproduce:
$ ps axo pid,ppid,pgid,sid,comm | grep rsyslog

Actual results:
(for example)
16474     1 16420 16112 rsyslogd

Expected results:
16474     1 16474 16474 rsyslogd

Additional info:
The issue here is that a session leader may restart rsyslogd after modifying syslog rules, and then kill off rsyslogd itself if the sid/pgid is killed. There is code already existing in rsyslog to do the right thing (by calling setsid()), but it isn't used because of an error in configure.ac (the CHECK_FUNCS looked for "setid", not "setsid" -- a very old typo). In very old versions of rsyslogd, pre-autoconfiscation, this was guarded by "#ifdef SYSV", which worked just fine at the time.

The patch attached here modifies tools/syslogd.c, rather than configure{,.ac}, as our own controlled autobuild environment was unhappy with an autoconf patch (and those can be problematic anyway).

At your option, this can also be backported to EL5.10 (rsyslog-3.22.1-x), as the same issue exists there. The same change is applicable.

Originally reported to Oracle Linux bug database in 17346261.

Separately reported to rsyslog upstream as:
http://bugzilla.adiscon.com/show_bug.cgi?id=474
Comment 2 Todd Vierling 2013-09-10 14:17:10 UTC 
(In reply to Todd Vierling from comment #0)
> The patch attached here modifies tools/syslogd.c, rather than
> configure{,.ac}, as our own controlled autobuild environment was unhappy
> with an autoconf patch (and those can be problematic anyway).

D'oh! The reason that method didn't work for me is that I forgot to patch config.h.in as well, since autoconf isn't being run explicitly as part of the rpm build. So, that's the other option: patch all of configure{,.ac} and config.h.in.
Comment 3 RHEL Program Management 2013-10-14 02:36:15 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Note You need to log in before you can comment on or make changes to this bug.