Syslog-ng - File permission error in suse Linux

0
votes

I am getting the below given error when I try to forward certain log files using syslog-ng in Suse Linux

Starting syslog servicesError opening file for reading; filename='/tmp/app.log', error='Permission denied (13)'

my conf file - Source definition seems to be ok

source app {

file("/tmp/app.log");

};

I went through similar posts and dont see any problems with my steps.The weird part is that the file is owned by root and when i run syslog-ng as root it gives read permission error

Am I missing anything?

1
susesyslog-ng

1 Answers

0
votes

This problem is caused because of AppArmor linux security module. Solution to this problem is mentioned in attached thread. syslog-ng read file permission denied

Here are steps I followed.

  1. Open /etc/apparmor.d/sbin.syslong-ng
  2. Add /opt/xxx/logs/* rw, line anywhere. rw below means allow read & write access. Change your directory appropriately.
  3. Run apparmor_parser -r /etc/apparmor.d/sbin.syslong-ng to set new rules.
  4. Restart syslog-ng using service command or any other way you have set up.