Bug 84208 - postfix doesn't log anymore after syslog is restarted
postfix doesn't log anymore after syslog is restarted
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: postfix (Show other bugs)
7.3
All Linux
high Severity medium
: ---
: ---
Assigned To: John Dennis
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-02-13 09:57 EST by Peter Bieringer
Modified: 2007-03-27 00:00 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-06-12 14:56:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Peter Bieringer 2003-02-13 09:57:42 EST
Description of problem:
During debugging a host with running syslog-ng I found that the RHL 7.3 standard
installation with sysklogd and postfix also has this issue.

If sysklogd is restarted, postfix's chroot'ed smtpd lost its log unix socket,
resulting that many information will no longer be logged.

Version-Release number of selected component (if applicable):
postfix-1.1.7-2
sysklogd-1.4.1-8


How reproducible:
Always

Steps to Reproduce:
1.Start ssklogd and postfix
2.Monitor /var/log/maillog
3.Connect from outside to host, deliver an e-mail (but connect is enough)
4.Restart sysklogd

    

Actual Results:  No longer logging of smtpd and nqmgr in some cases

Expected Results:  Still logging further on

Additional info:

Fix (todo: adjust postfix spec file)
# mkdir -p 755 /var/spool/postfix/dev

Specify extra log socket for now
--- /etc/sysconfig/syslog.orig  Wed Feb 12 07:39:41 2003
+++ /etc/sysconfig/syslog       Wed Feb 12 07:48:28 2003
@@ -3,7 +3,7 @@
 # -r enables logging from remote machines
 # -x disables DNS lookups on messages recieved with -r
 # See syslogd(8) for more details
-SYSLOGD_OPTIONS="-m 0"
+SYSLOGD_OPTIONS="-m 0 -a /var/spool/postfix/dev/log"
 # Options to klogd
 # -2 prints all kernel oops messages twice; once for klogd to decode, and
 #    once for processing with 'ksymoops'


Perhaps more intelligence is required whether postfix is installed or not, so it
would be better to check this in syslog-initscript like
if [ -d /var/spool/postfix/dev ]; then
 SYSLOGD_OPTIONS="$SYSLOGD_OPTIONS -a /var/spool/postfix/dev/log"
fi

I've set severtiy to "security" because unexpected loose of loglines is imho a
security issue.
Comment 1 Peter Bieringer 2003-06-02 06:59:19 EDT
Problem also found in RHL 8.0

Any reasons why this bug is still in state "NEW"?
Comment 2 Peter Bieringer 2003-06-02 07:16:32 EDT
BTW: there is a bug in upper shown workaround:

- # mkdir -p 755 /var/spool/postfix/dev
+ # mkdir -p -m 755 /var/spool/postfix/dev
Comment 3 John Dennis 2003-06-12 14:56:09 EDT
Current postfix rpms no longer run chroot. Wietse Venema and others believe
chroot was causing more problems (such as this) than was worth the minimal
security enhancement.

Note You need to log in before you can comment on or make changes to this bug.