Package: syslog-ng Version: 1.9.8.1+20060128-1 Severity: critical For the last few weeks I've had a problem with SQLGrey aborting and mail being rejected. The problem each time was that syslog-ng was no longer running and SQLgrey wasn't handling the missing syslog daemon more gracefully. Syslog-ng would segfault during logrotate's run.
Stracing the syslog-ng process while running logrotate yielded the following: *** /tmp/syslog-ng.strace --- SIGHUP (Hangup) @ 0 (0) --- sigreturn() = ? (mask now []) gettimeofday({1139010317, 110357}, NULL) = 0 time([1139010317]) = 1139010317 gettimeofday({1139010317, 110529}, NULL) = 0 time(NULL) = 1139010317 time(NULL) = 1139010317 open("/etc/syslog-ng/syslog-ng.conf", O_RDONLY) = 24 ioctl(24, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfeea498) = -1 ENOTTY (Inappropriate ioctl for device) fstat64(24, {st_mode=S_IFREG|0644, st_size=9537, ...}) = 0 mmap2(NULL, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e51000 read(24, "#\n# Configuration file for syslo"..., 131072) = 9537 open("/etc/group", O_RDONLY) = 31 fcntl64(31, F_GETFD) = 0 fcntl64(31, F_SETFD, FD_CLOEXEC) = 0 _llseek(31, 0, [0], SEEK_CUR) = 0 fstat64(31, {st_mode=S_IFREG|0644, st_size=1717, ...}) = 0 mmap2(NULL, 1717, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000 _llseek(31, 1717, [1717], SEEK_SET) = 0 munmap(0xb7fd5000, 1717) = 0 close(31) = 0 open("/etc/passwd", O_RDONLY) = 31 fcntl64(31, F_GETFD) = 0 fcntl64(31, F_SETFD, FD_CLOEXEC) = 0 _llseek(31, 0, [0], SEEK_CUR) = 0 fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0 mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000 _llseek(31, 3537, [3537], SEEK_SET) = 0 munmap(0xb7fd5000, 3537) = 0 close(31) = 0 open("/etc/passwd", O_RDONLY) = 31 fcntl64(31, F_GETFD) = 0 fcntl64(31, F_SETFD, FD_CLOEXEC) = 0 _llseek(31, 0, [0], SEEK_CUR) = 0 fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0 mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000 _llseek(31, 3537, [3537], SEEK_SET) = 0 munmap(0xb7fd5000, 3537) = 0 close(31) = 0 open("/etc/passwd", O_RDONLY) = 31 fcntl64(31, F_GETFD) = 0 fcntl64(31, F_SETFD, FD_CLOEXEC) = 0 _llseek(31, 0, [0], SEEK_CUR) = 0 fstat64(31, {st_mode=S_IFREG|0644, st_size=3537, ...}) = 0 mmap2(NULL, 3537, PROT_READ, MAP_SHARED, 31, 0) = 0xb7fd5000 _llseek(31, 3537, [3537], SEEK_SET) = 0 munmap(0xb7fd5000, 3537) = 0 close(31) = 0 read(24, "", 131072) = 0 read(24, "", 131072) = 0 ioctl(24, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfee9f38) = -1 ENOTTY (Inappropriate ioctl for device) close(24) = 0 munmap(0xb7e51000, 131072) = 0 close(3) = 0 close(4) = 0 close(30) = 0 close(11) = 0 close(8) = 0 close(9) = 0 close(7) = 0 close(15) = 0 close(12) = 0 close(19) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 stat64("/dev/log", {st_mode=S_IFSOCK|0666, st_size=0, ...}) = 0 unlink("/dev/log") = 0 bind(3, {sa_family=AF_FILE, path="/dev/log"}, 11) = 0 listen(3, 255) = 0 chmod("/dev/log", 0666) = 0 open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 4 socket(PF_FILE, SOCK_STREAM, 0) = 7 fcntl64(7, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK) = 0 stat64("/dev/log", {st_mode=S_IFSOCK|0666, st_size=0, ...}) = 0 unlink("/dev/log") = 0 bind(7, {sa_family=AF_FILE, path="/dev/log"}, 11) = 0 listen(7, 255) = 0 chmod("/dev/log", 0666) = 0 open("/proc/kmsg", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 8 --- SIGSEGV (Segmentation fault) @ 0 (0) --- kill(13168, SIGSEGV) = 0 sigreturn() = ? (mask now []) --- SIGSEGV (Segmentation fault) @ 0 (0) --- Severity of the report set as critical since in my opinion the lack of a logging daemon can be a security problem. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (650, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-ck3-1-p4 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages syslog-ng depends on: ii libc6 2.3.5-12.1 GNU C Library: Shared libraries an ii util-linux 2.12r-6 Miscellaneous system utilities Versions of packages syslog-ng recommends: ii logrotate 3.7.1-2 Log rotation utility -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]