Description of problem: There appears to be problems with syslog-ng with capabilities support and kernels 2.6.38+. Version-Release number of selected component (if applicable): syslog-ng-3.2.4-6.fc1 Actual results: ---------- Jul 3 01:16:53 hyperion syslog-ng[29691]: syslog-ng shutting down; version='3.2.4' Jul 3 01:16:53 hyperion kernel: : [256794.432386] ------------[ cut here ]------------ Jul 3 01:16:53 hyperion kernel: : [256794.432398] WARNING: at kernel/printk.c:288 do_syslog+0x8e/0x45a() Jul 3 01:16:53 hyperion kernel: : [256794.432402] Hardware name: To Be Filled By O.E.M. Jul 3 01:16:53 hyperion kernel: : [256794.432405] Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). Jul 3 01:16:53 hyperion kernel: : [256794.432408] Modules linked in: cpufreq_ondemand acpi_cpufreq freq_table mperf ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables virtio_net kvm_intel kvm snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm microcode intel_ips i2c_i801 r8169 e1000e snd_timer snd soundcore iTCO_wdt mii iTCO_vendor_support snd_page_alloc ipv6 radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: scsi_wait_scan] Jul 3 01:16:53 hyperion kernel: : [256794.432456] Pid: 20875, comm: syslog-ng Not tainted 2.6.38.8-32.fc15.x86_64 #1 Jul 3 01:16:53 hyperion kernel: : [256794.432460] Call Trace: Jul 3 01:16:53 hyperion kernel: : [256794.432468] [<ffffffff8105511a>] warn_slowpath_common+0x83/0x9b Jul 3 01:16:53 hyperion kernel: : [256794.432474] [<ffffffff810551d5>] warn_slowpath_fmt+0x46/0x48 Jul 3 01:16:53 hyperion kernel: : [256794.432481] [<ffffffff811e7a85>] ? security_capable+0x29/0x2b Jul 3 01:16:53 hyperion syslog-ng[20875]: syslog-ng starting up; version='3.2.4' Jul 3 01:16:53 hyperion kernel: : [256794.432487] [<ffffffff810557f9>] do_syslog+0x8e/0x45a Jul 3 01:16:53 hyperion kernel: : [256794.432494] [<ffffffff8116b6fe>] ? proc_reg_open+0x41/0x122 Jul 3 01:16:53 hyperion kernel: : [256794.432501] [<ffffffff81111621>] ? kmem_cache_alloc_trace+0xc6/0xd8 Jul 3 01:16:53 hyperion kernel: : [256794.432507] [<ffffffff81174d95>] kmsg_open+0x1c/0x1e Jul 3 01:16:53 hyperion kernel: : [256794.432513] [<ffffffff8116b764>] proc_reg_open+0xa7/0x122 Jul 3 01:16:53 hyperion kernel: : [256794.432518] [<ffffffff81174d5c>] ? kmsg_release+0x0/0x1d Jul 3 01:16:53 hyperion kernel: : [256794.432523] [<ffffffff8116b6bd>] ? proc_reg_open+0x0/0x122 Jul 3 01:16:53 hyperion kernel: : [256794.432531] [<ffffffff8111fc5c>] __dentry_open+0x161/0x283 Jul 3 01:16:53 hyperion kernel: : [256794.432539] [<ffffffff8147595e>] ? _raw_spin_lock+0xe/0x10 Jul 3 01:16:53 hyperion kernel: : [256794.432545] [<ffffffff81120bd0>] nameidata_to_filp+0x60/0x67 Jul 3 01:16:53 hyperion kernel: : [256794.432552] [<ffffffff8112ca7f>] finish_open+0xa1/0x17f Jul 3 01:16:53 hyperion kernel: : [256794.432558] [<ffffffff8112bbc8>] ? do_path_lookup+0xca/0xf6 Jul 3 01:16:53 hyperion kernel: : [256794.432564] [<ffffffff8112cfc2>] do_filp_open+0x186/0x60a Jul 3 01:16:53 hyperion kernel: : [256794.432570] [<ffffffff81124d1b>] ? might_fault+0x21/0x23 Jul 3 01:16:53 hyperion kernel: : [256794.432578] [<ffffffff8104127e>] ? should_resched+0xe/0x2d Jul 3 01:16:53 hyperion kernel: : [256794.432583] [<ffffffff81474408>] ? _cond_resched+0xe/0x22 Jul 3 01:16:53 hyperion kernel: : [256794.432591] [<ffffffff812324e1>] ? might_fault+0x21/0x23 Jul 3 01:16:53 hyperion kernel: : [256794.432598] [<ffffffff81136b3d>] ? alloc_fd+0x72/0x11d Jul 3 01:16:53 hyperion kernel: : [256794.432604] [<ffffffff81120c37>] do_sys_open+0x60/0xf2 Jul 3 01:16:53 hyperion kernel: : [256794.432609] [<ffffffff81120ce9>] sys_open+0x20/0x22 Jul 3 01:16:53 hyperion kernel: : [256794.432616] [<ffffffff81009bc2>] system_call_fastpath+0x16/0x1b Jul 3 01:16:53 hyperion kernel: : [256794.432620] ---[ end trace eef189876080657a ]--- ---------- Additional info: Upstream ticket: * 2.6.38+ will require CAP_SYSLOG (CAP_SYS_ADMIN not enough) https://bugzilla.balabit.com/show_bug.cgi?id=108
oops. Thank you for this report and the pointer.
Does this error still occur using https://admin.fedoraproject.org/updates/libcap-ng-0.6.6-1.fc15
(In reply to comment #2) > Does this error still occur using > > https://admin.fedoraproject.org/updates/libcap-ng-0.6.6-1.fc15 Different header file * cap-ng.h vs sys/capability.h and different library * libcap-ng.so vs libcap.so and syslog-ng's configure only looks for the header file sys/capability.h and the library -lcap.
ok, understood. Should be related to https://bugzilla.redhat.com/show_bug.cgi?id=689752 right?
Libcap v2.22 is already available for Fedora 15 in the updates repository.
How to reproduce the kernel trace: System: VM with Fedora 15 x86_64 (and fully updated) Packages: kernel-2.6.40-4.fc15.x86_64 systemd-26-8.fc15.x86_64 libcap-2.22-1.fc15.x86_64 rsyslog-5.8.2-1.fc15.x86_64 syslog-ng-3.2.4-6.fc15.x86_64 (from updates-testing) Steps: 1) boot vm with rsyslog as the running syslog daemon 2) systemctl disable rsyslog.service; 3) systemctl enable syslog-ng.service 4) systemctl stop rsyslog.service 5) systemctl start syslog-ng.service 6) see kernel trace in /var/log/messages Trace -------------------- Aug 7 02:50:53 localhost rsyslogd: [origin software="rsyslogd" swVersion="5.8.2" x-pid="690" x-info="http://www.rsyslog.com"] exiting on signal 15. Aug 7 02:50:53 localhost kernel: : [ 251.396893] ------------[ cut here ]------------ Aug 7 02:50:53 localhost kernel: : [ 251.396902] WARNING: at kernel/printk.c:322 do_syslog+0x8e/0x45a() Aug 7 02:50:53 localhost kernel: : [ 251.396935] Hardware name: VMware Virtual Platform Aug 7 02:50:53 localhost kernel: : [ 251.396936] Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). Aug 7 02:50:53 localhost kernel: : [ 251.396938] Modules linked in: sunrpc bnep bluetooth rfkill ip6t_REJECT nf_conntrack_ipv4 nf_conntrack_ipv6 nf_defrag_ipv4 nf_defrag_ipv6 ip6table_filter xt_state nf_conntrack ip6_tables snd_ens1371 gameport snd_rawmidi snd_ac97_codec ac97_bus snd_seq snd_seq_device snd_pcm ppdev microcode vmw_balloon snd_timer parport_pc snd i2c_piix4 parport soundcore shpchp snd_page_alloc e1000 i2c_core mptspi mptscsih mptbase scsi_transport_spi [last unloaded: speedstep_lib] Aug 7 02:50:53 localhost kernel: : [ 251.396963] Pid: 1192, comm: syslog-ng Not tainted 2.6.40-4.fc15.x86_64 #1 Aug 7 02:50:53 localhost kernel: : [ 251.396965] Call Trace: Aug 7 02:50:53 localhost kernel: : [ 251.396969] [<ffffffff81054c8e>] warn_slowpath_common+0x83/0x9b Aug 7 02:50:53 localhost kernel: : [ 251.396972] [<ffffffff81054d49>] warn_slowpath_fmt+0x46/0x48 Aug 7 02:50:53 localhost kernel: : [ 251.396976] [<ffffffff8105e5bd>] ? ns_capable+0x3a/0x4f Aug 7 02:50:53 localhost syslog-ng[1192]: syslog-ng starting up; version='3.2.4' Aug 7 02:50:53 localhost kernel: : [ 251.396978] [<ffffffff8105537e>] do_syslog+0x8e/0x45a Aug 7 02:50:53 localhost kernel: : [ 251.396982] [<ffffffff81171a1e>] ? proc_reg_open+0x41/0x122 Aug 7 02:50:53 localhost kernel: : [ 251.396985] [<ffffffff8111663f>] ? kmem_cache_alloc_trace+0xc6/0xd8 Aug 7 02:50:53 localhost kernel: : [ 251.396988] [<ffffffff8117b5cd>] kmsg_open+0x1c/0x1e Aug 7 02:50:53 localhost kernel: : [ 251.396990] [<ffffffff81171a84>] proc_reg_open+0xa7/0x122 Aug 7 02:50:53 localhost kernel: : [ 251.396992] [<ffffffff8117b594>] ? read_vmcore+0x1cc/0x1cc Aug 7 02:50:53 localhost kernel: : [ 251.396995] [<ffffffff811719dd>] ? proc_alloc_inode+0xa1/0xa1 Aug 7 02:50:53 localhost kernel: : [ 251.396998] [<ffffffff81125405>] __dentry_open+0x17d/0x2be Aug 7 02:50:53 localhost kernel: : [ 251.397006] [<ffffffff814b6fe6>] ? _raw_spin_lock+0xe/0x10 Aug 7 02:50:53 localhost kernel: : [ 251.397008] [<ffffffff8112638f>] nameidata_to_filp+0x60/0x67 Aug 7 02:50:53 localhost kernel: : [ 251.397011] [<ffffffff81131b2a>] do_last+0x434/0x581 Aug 7 02:50:53 localhost kernel: : [ 251.397013] [<ffffffff811327fc>] path_openat+0xc8/0x31c Aug 7 02:50:53 localhost kernel: : [ 251.397016] [<ffffffff810b2135>] ? __call_rcu+0x130/0x139 Aug 7 02:50:53 localhost kernel: : [ 251.397018] [<ffffffff81132a88>] do_filp_open+0x38/0x86 Aug 7 02:50:53 localhost kernel: : [ 251.397021] [<ffffffff8113c341>] ? alloc_fd+0x72/0x11d Aug 7 02:50:53 localhost kernel: : [ 251.397023] [<ffffffff81126404>] do_sys_open+0x6e/0x100 Aug 7 02:50:53 localhost kernel: : [ 251.397025] [<ffffffff810a0c7c>] ? audit_syscall_entry+0x145/0x171 Aug 7 02:50:53 localhost kernel: : [ 251.397027] [<ffffffff811264b6>] sys_open+0x20/0x22 Aug 7 02:50:53 localhost kernel: : [ 251.397029] [<ffffffff814bd7c2>] system_call_fastpath+0x16/0x1b Aug 7 02:50:53 localhost kernel: : [ 251.397031] ---[ end trace ac416a71ae31ead5 ]--- --------------------
Additional comments: * syslog-ng appears to be working; at least it is running and logs messages produced by the logger utility * the kernel trace doesn't occur during the following operations (ordered): 1) systemctl stop syslog-ng.service; systemctl start rsyslog.service 2) logger test1 3) systemctl stop rsyslog.service; systemctl start syslog-ng.service 4) logger test2 But rsyslog doesn't appear to be working correctly as the log message from the second operation doesn't get to the /var/log/messages file ( but the one from 4) does). * a syslog-ng 3.2.4 compiled with capabilities and the upstream patch http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=ae0ff59d9a761c2fda8a19b0c05e0e05c59bae57 doesn't even start. Could someone also test this? Thanks in advance, jpo
Syslog-ng 3.2.4 with the upstream patch: * http://um-pe09-2.di.uminho.pt/fedora/15/syslog-ng-3.2.4-6.2.fc15.src.rpm Contents diff from syslog-ng-3.2.4-6.fc15.src.rpm: * http://um-pe09-2.di.uminho.pt/fedora/15/diff.txt
This message is a notice that Fedora 15 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 15. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At this time, all open bugs with a Fedora 'version' of '15' have been closed as WONTFIX. (Please note: Our normal process is to give advanced warning of this occurring, but we forgot to do that. A thousand apologies.) Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, feel free to reopen this bug and simply change the 'version' to a later Fedora version. Bug Reporter: Thank you for reporting this issue and we are sorry that we were unable to fix it before Fedora 15 reached end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" (top right of this page) and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping