Package: syslog-ng
Version: 1.9.8.1+20060128-1
Severity: critical
For the last few weeks I've had a problem with SQLGrey aborting and mail
being rejected. The problem each time was that syslog-ng was no longer
running and SQLgrey wasn't handling the missing syslog daemon more
gracefully. Syslog-ng would segfault during logrotate's run.
Stracing the syslog-ng process while running logrotate yielded the
following:
*** /tmp/syslog-ng.strace
--- SIGHUP (Hangup) @ 0 (0) ---
sigreturn() = ? (mask now [])
gettimeofday({1139010317, 110357}, NULL) = 0
time([1139010317]) = 1139010317
gettimeofday({1139010317, 110529}, NULL) = 0
time(NULL) = 1139010317
time(NULL) = 1139010317
open("/etc/syslog-ng/syslog-ng.conf", O_RDONLY) = 24
ioctl(24, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfeea498) = -1 ENOTTY (Inappropriate
ioctl for device)
fstat64(24, {st_mode=S_IFREG|0644, st_size=9537, ...}) = 0
mmap2(NULL, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7e51000
read(24, "#\n# Configuration file for syslo"..., 131072) = 9537
open("/etc/group", O_RDONLY) = 31
fcntl64(31, F_GETFD) = 0
fcntl64(31, F_SETFD, FD_CLOEXEC) = 0
_llseek(31, 0, [0], SEEK_CUR) = 0
fstat64(31, {st_mode=S_IFREG|0644, st_size=1717, ...}) = 0
mmap2(NULL, 1717, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000
_llseek(31, 1717, [1717], SEEK_SET) = 0
munmap(0xb7fd5000, 1717) = 0
close(31) = 0
open("/etc/passwd", O_RDONLY) = 31
fcntl64(31, F_GETFD) = 0
fcntl64(31, F_SETFD, FD_CLOEXEC) = 0
_llseek(31, 0, [0], SEEK_CUR) = 0
fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0
mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000
_llseek(31, 3537, [3537], SEEK_SET) = 0
munmap(0xb7fd5000, 3537) = 0
close(31) = 0
open("/etc/passwd", O_RDONLY) = 31
fcntl64(31, F_GETFD) = 0
fcntl64(31, F_SETFD, FD_CLOEXEC) = 0
_llseek(31, 0, [0], SEEK_CUR) = 0
fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0
mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000
_llseek(31, 3537, [3537], SEEK_SET) = 0
munmap(0xb7fd5000, 3537) = 0
close(31) = 0
open("/etc/passwd", O_RDONLY) = 31
fcntl64(31, F_GETFD) = 0
fcntl64(31, F_SETFD, FD_CLOEXEC) = 0
_llseek(31, 0, [0], SEEK_CUR) = 0
fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0
mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000
_llseek(31, 3537, [3537], SEEK_SET) = 0
munmap(0xb7fd5000, 3537) = 0
close(31) = 0
read(24, "", 131072) = 0
read(24, "", 131072) = 0
ioctl(24, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfee9f38) = -1 ENOTTY (Inappropriate
ioctl for device)
close(24) = 0
munmap(0xb7e51000, 131072) = 0
close(3) = 0
close(4) = 0
close(30) = 0
close(11) = 0
close(8) = 0
close(9) = 0
close(7) = 0
close(15) = 0
close(12) = 0
close(19) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
stat64("/dev/log", {st_mode=S_IFSOCK|0666, st_size=0, ...}) = 0
unlink("/dev/log") = 0
bind(3, {sa_family=AF_FILE, path="/dev/log"}, 11) = 0
listen(3, 255) = 0
chmod("/dev/log", 0666) = 0
open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 4
socket(PF_FILE, SOCK_STREAM, 0) = 7
fcntl64(7, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK) = 0
stat64("/dev/log", {st_mode=S_IFSOCK|0666, st_size=0, ...}) = 0
unlink("/dev/log") = 0
bind(7, {sa_family=AF_FILE, path="/dev/log"}, 11) = 0
listen(7, 255) = 0
chmod("/dev/log", 0666) = 0
open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 8
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
kill(13168, SIGSEGV) = 0
sigreturn() = ? (mask now [])
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
Severity of the report set as critical since in my opinion the lack of a
logging daemon can be a security problem.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (650, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-ck3-1-p4
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages syslog-ng depends on:
ii libc6 2.3.5-12.1 GNU C Library: Shared libraries an
ii util-linux 2.12r-6 Miscellaneous system utilities
Versions of packages syslog-ng recommends:
ii logrotate 3.7.1-2 Log rotation utility
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
