23002702 rsyslogd $FileGroup directive broken due to restrictive privilege in start metho s11u3-sru
authorVladimir Marek <Vladimir.Marek@oracle.com>
Tue, 04 Oct 2016 09:03:46 +0200
branchs11u3-sru
changeset 7051 b5ccd506d4ab
parent 7046 d80040c62de5
child 7067 776b367d2e46
23002702 rsyslogd $FileGroup directive broken due to restrictive privilege in start metho
components/rsyslog/Makefile
components/rsyslog/TESTING
components/rsyslog/files/rsyslog.xml
--- a/components/rsyslog/Makefile	Thu Sep 22 14:47:13 2016 +0200
+++ b/components/rsyslog/Makefile	Tue Oct 04 09:03:46 2016 +0200
@@ -18,7 +18,7 @@
 #
 # CDDL HEADER END
 #
-# Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
 #
 
 include ../../make-rules/shared-macros.mk
@@ -85,6 +85,10 @@
 # /usr/lib/rsyslog .
 CONFIGURE_LIBDIR.64 =	$(CONFIGURE_LIBDIR.32)
 
+# Rsyslog sources contain __FILE__ macros which contain full path to the workspace
+# This may appear in debug output which is not nice. By specifying the source
+# path relative we force the macro to be relative path too.
+CONFIGURE_OPTIONS +=    --srcdir=../../$(COMPONENT_NAME)-$(COMPONENT_VERSION)
 CONFIGURE_OPTIONS +=    --enable-imsolaris
 CONFIGURE_OPTIONS +=    --enable-mail
 CONFIGURE_OPTIONS +=    --enable-gssapi_krb5
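Review bot: The hard-coded `../../` in the new `--srcdir` line only resolves if configure runs exactly two directories below the component directory, and the comment does not state that assumption. I would add it, e.g. `# NOTE: ../../ assumes configure runs two levels below the component dir (presumably build/<arch>/).` The comment should also say plainly that the goal is to keep absolute build-workspace paths out of the shipped binary's debug output, rather than "not nice", so nobody later drops the option as cosmetic. The matching check in TESTING (`grep ': source file'`) is manual, so a build-time check that the built binary does not contain the workspace path would catch a silent regression.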
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/rsyslog/TESTING	Tue Oct 04 09:03:46 2016 +0200
@@ -0,0 +1,30 @@
+# check version
+/usr/lib/rsyslog/rsyslogd -v
+
+
+
+# test that rsyslog does not contain our workspace path but rather relative paths
+/usr/lib/rsyslog/rsyslogd -d -n 2>&1 | grep ': source file'
+
+
+
+# Disable native syslog, enable rsyslog
+svcadm disable system/system-log:default
+sleep 5
+svcadm enable system/system-log:rsyslog
+sleep 5
+svcs -x
+
+
+
+======================= to the end of /etc/rsyslog.conf ========================
+$FileGroup openldap
+*.* /var/tmp/openldap
+$ResetConfigVariables
+================================================================================
+rm -f /var/tmp/openldap
+svcadm restart system/system-log:rsyslog
+logger -p error "openldap"
+ls -l /var/tmp/openldap
+-rw-r--r--   1 root     openldap    2873 Jun 22 10:36 /var/tmp/openldap
+# Make sure that the new file has 'openldap' group
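Review bot: The $FileGroup procedure routes `*.*` to a fixed name in /var/tmp, and the expected listing shows the file created as `-rw-r--r--`, so every syslog message on the test machine is world-readable at a predictable path while the test config is in place. The steps also end without removing the three added lines from /etc/rsyslog.conf, deleting /var/tmp/openldap, or re-enabling `system/system-log:default`. I would add a cleanup section and point the rule at a root-owned directory, for example `*.* /var/log/rsyslog-test/openldap` (path made up for illustration). The closing line `# Make sure that the new file has 'openldap' group` would read better placed before the `ls -l` it describes.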
--- a/components/rsyslog/files/rsyslog.xml	Thu Sep 22 14:47:13 2016 +0200
+++ b/components/rsyslog/files/rsyslog.xml	Tue Oct 04 09:03:46 2016 +0200
@@ -3,7 +3,7 @@
 <!--
 
    
-    Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
+    Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
 
     NOTE:  This service manifest is not editable; its contents will
     be overwritten by package or patch operations, including
@@ -28,7 +28,7 @@
 			<method_context>
 			<method_credential
 			  user='root' group='root'
-			  privileges='basic,net_privaddr' />
+			  privileges='basic,net_privaddr,file_chown_self' />
 			</method_context>
 		</exec_method>
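Review bot: The added `file_chown_self` has no comment explaining why it is there, and it is broader than the group change the bug title describes. As far as I know, it lets the process give files it owns to any user or group, so `$FileOwner` in rsyslog.conf gains the same reach and the integrity of that file matters more. A comment above `<method_credential>`, such as `<!-- file_chown_self: lets rsyslogd apply $FileOwner/$FileGroup to log files it creates (bug 23002702) -->`, would stop a later hardening pass from removing it or widening it to `file_chown`. The enclosing `<exec_method>` opens outside the hunk, so I cannot see which method this is. If another method (e.g. refresh) carries its own `method_context`, it is worth confirming that its privilege list matches.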