Women in Technology

Hear us Roar



Article:
  Systrace Policies
Subject:   /var/log/messages correction
Date:   2003-02-04 05:16:47
From:   anonymous2
"OpenBSD chroots named into /var/named by default and logs everything to /var/log/messages. We might expect system calls to allow this access."


this is inaccurate and misleading since named(8) knows absolutely nothing about /var/log/messages and definitely doesn't need to write there at all.


it's syslogd(8) who whites there (and "there" is pure matter of what's defined in syslog.conf(5)). named writes to /dev/log (resp. /var/run/log, depends on OS), which is an interface to syslogd(8).


so if you want to control access to /var/log/messages, you need to set a systrace(4) policy for syslogd(8), not named(8).