Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1812032

Summary: Logger potentially not delivering some messages when backend restarted
Product: Red Hat Enterprise Linux 7 Reporter: Michal Ambroz <rebus>
Component: util-linuxAssignee: Karel Zak <kzak>
Status: CLOSED WONTFIX QA Contact: Radka Brychtova <rskvaril>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.5Flags: pm-rhel: mirror+
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-09-10 07:27:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Ambroz 2020-03-10 12:07:57 UTC 
Description of problem:
The logger (/usr/bin/logger from util-linux-2.23.2-59.el7.x86_64) has potential security issue on a way it handles the TCP connections to the syslog server. 
If the backend server is restarted logger will for some time be trying to send the messages to a socket, which is already closed from the other side.
I have discovered this issue when trying to integrate Apache logs using pipe to logger to log to central syslog server.


Version-Release number of selected component (if applicable):
util-linux-2.23.2-59.el7.x86_64


How reproducible:
100%


Steps to Reproduce:
1. run the fake TCP syslog server
Session1_Server: 
nc -l -p 9514

2. open the connection to the fake syslog server from logger:
Session2_Client_logger:
cat | TZ=GMT /usr/bin/logger --tag myserver --tcp --port 9514 --priority local0.warn --server localhost

3. Log AAA in Session2 to test connection is working
Session2_Client_logger:
AAA

Session1_Server:
<132>Mar 10 11:53:07 mytestag: AAA

4. Now when the session is established restart the server:
Session1_Server:
Ctrl-C
nc -l -p 9514

5. Try to send some more on the logger side:
Session2_Client_logger:
BBB
CCC
DDD


Actual results:
The situation is actually worse than if I would use for the same scenario UDP. Using TCP for this scenario I have lost 3 log messages. 

After third line/message the logger quits with the error code 141.
It actually doesn't write any message to the error output, so when used for example in Apache pipe to log it is really hard to detect that this happened as it is not writing anything to the Apache error_log.


Expected results:
When using TCP I would expect that I won't be loosing any log messages.
I would expect that the logger would try to re-establish the broken TCP or quits as soon as the TCP session is closed (between sending AAA and BBB to the logger). 


Additional info:
In Fedora 31 (util-linux-2.34-4.fc31.x86_64) the logger quits after sending another message - losing 1 log message in the process of syslog server restart.
Comment 2 Karel Zak 2020-07-07 11:14:07 UTC 
Sorry for the delay. You're right.

The logger command in RHEL-8 reopens the connection after failed sendmsg(). Unfortunately, RHEL-7 implementation is completely different and it uses still the same file descriptor and ignores all errors ...
Comment 7 RHEL Program Management 2021-09-10 07:27:15 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.