[Bug 1059854] Re: auth.log is empty
Bryan Fullerton
fehwalker at gmail.com
Tue Sep 24 15:48:20 UTC 2013
*** This bug is a duplicate of bug 940030 ***
https://bugs.launchpad.net/bugs/940030
Agree that this does seem to be a uplicate of 940030, marking it as
such.
** Tags added: precise
** This bug has been marked a duplicate of bug 940030
rsyslog stops working after logrotate until restarted
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1059854
Title:
auth.log is empty
Status in “rsyslog” package in Ubuntu:
Confirmed
Bug description:
On a fresh 12.04 64 bit machine in the default state + sshd installed,
the auth.log file remained empty, when normally it would fill up with
sshd hacking attempts. The sshd_config was left at its default, which
should record login failures.
I have figured out a workaround, which is probably a good clue about
the underlying bug.
It turns out that the permissions of auth.log were: messagebus
(owner) adm (group)
doing a
sudo chown syslog /etc/auth.log
fixed the problem instantly, with failed logins now going to the file
as expected. I don't know if this "fix" will survive log rotation.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1059854/+subscriptions
More information about the foundations-bugs
mailing list