Project

General

Profile

Actions

Bug #5103

closed

Application log cannot to be re-opened when running as non-root user

Added by Jeff Lucovsky 9 months ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Suricata by default creates an application log at /var/log/suricata/suricata.log. This log file is created before changing uid and remains owned by root. After log rotation and a subsequent command to "reopen-log-files", this file is closed, but never re-opened as it can't be opened for modification by the non-root user that Suricata is now being run as.

This does not affect Suricata event logging as those files are opened after the uid is changed.

I think the only way to handle this is to change ownership of the file before the uid change so it can be re-opened.


Related issues 1 (0 open1 closed)

Copied from Bug #4523: Application log cannot to be re-opened when running as non-root userClosedJason IshActions
Actions #1

Updated by Jeff Lucovsky 9 months ago

  • Copied from Bug #4523: Application log cannot to be re-opened when running as non-root user added
Actions #2

Updated by Jeff Lucovsky 9 months ago

  • Status changed from Assigned to In Progress

Cherry-pick commit(s):
- e1f7c63fa8ed9ee787f89776162ca221573ef227
- 59ac1fe277b0dc2fc2b6c1739c10eb58a0d48cba

Actions #3

Updated by Jeff Lucovsky 9 months ago

  • Status changed from In Progress to In Review
Actions #4

Updated by Jeff Lucovsky 9 months ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF