From jeh@thehousleys.net  Mon May 24 13:33:22 2004
Return-Path: <jeh@thehousleys.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D637016A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 24 May 2004 13:33:22 -0700 (PDT)
Received: from sccrmhc13.comcast.net (sccrmhc13.comcast.net [204.127.202.64])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 593BC43D1F
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 24 May 2004 13:33:22 -0700 (PDT)
	(envelope-from jeh@thehousleys.net)
Received: from thehousleys.net ([24.34.30.131])
          by comcast.net (sccrmhc13) with ESMTP
          id <20040524203321016000449be>; Mon, 24 May 2004 20:33:21 +0000
Received: from localhost (localhost [127.0.0.1])
	by thehousleys.net (8.12.9p2/8.12.9) with ESMTP id i4OKXLTA070269
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 24 May 2004 16:33:21 -0400 (EDT)
	(envelope-from jeh@cat.int.thehousleys.net)
Received: from thehousleys.net ([127.0.0.1])
 by localhost (cat.int.thehousleys.net [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 69999-03 for <FreeBSD-gnats-submit@freebsd.org>;
 Mon, 24 May 2004 16:33:18 -0400 (EDT)
Received: from cat.int.thehousleys.net (localhost [IPv6:::1])
	by thehousleys.net (8.12.9p2/8.12.9) with ESMTP id i4OKX9Hd070256
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 24 May 2004 16:33:09 -0400 (EDT)
	(envelope-from jeh@cat.int.thehousleys.net)
Received: (from jeh@localhost)
	by cat.int.thehousleys.net (8.12.9p2/8.12.9/Submit) id i4OKX9gq070255;
	Mon, 24 May 2004 16:33:09 -0400 (EDT)
	(envelope-from jeh)
Message-Id: <200405242033.i4OKX9gq070255@cat.int.thehousleys.net>
Date: Mon, 24 May 2004 16:33:09 -0400 (EDT)
From: "James E. Housley" <jeh@thehousleys.net>
Reply-To: "James E. Housley" <jeh@thehousleys.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: newsyslog does not set correct user/group on the compression
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         67137
>Category:       bin
>Synopsis:       newsyslog does not set correct user/group on the compression
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    gad
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 24 13:40:16 PDT 2004
>Closed-Date:    Sat Jun 12 15:47:31 GMT 2004
>Last-Modified:  Sat Jun 12 15:47:31 GMT 2004
>Originator:     James E. Housley
>Release:        FreeBSD 4.9-RELEASE-p8 i386
>Organization:
>Environment:
System: FreeBSD cat.int.thehousleys.net 4.9-RELEASE-p8 FreeBSD 4.9-RELEASE-p8 #8: Wed May 19 07:41:25 EDT 2004 root@cat.int.thehousleys.net:/usr/obj/usr/src/sys/SERVERKERNEL i386


	
>Description:
	Any entry in newsyslog.conf that specifies a user:group will
	have the wrong user:group the the xxxxx.0.gz or .bz2 file.  This
	is because at the bottom dotrim() after the compression or copy
	is done, there is no chown() done like there is done on all the
	copy statements earlier in the program.

	This affects both -STABLE and -CURRENT.

	I don't have patches yet, but will try and work some up once I
	trace filenames.

>How-To-Repeat:
	
>Fix:

	


>Release-Note:
>Audit-Trail:

From: "James E. Housley" <jeh@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org, jeh@thehousleys.net
Cc:  
Subject: Re: bin/67137: newsyslog does not set correct user/group on the compression
Date: Tue, 25 May 2004 10:09:39 -0400

 This is a multi-part message in MIME format.
 --------------080902010807000702070205
 Content-Type: text/plain; charset=us-ascii; format=flowed
 Content-Transfer-Encoding: 7bit
 
 This patch seems to do it, but I don't like the sleep(10) that I had to 
 add because even though compress_log and bzcompress_log specify wait, 
 they seem to return before compression is done.
 
 How to duplicate the problem (somewhat made up but reflects reality).
 
 modify /etc/newsyslog.conf
 
 /var/log/console.log    root:www       640  5     100  *     Z
 
 % newsyslog -n -v -F -R testing /var/log/console.log
 housley@prcd5001:~ {6} sudo newsyslog -n -v -F -R testing 
 /var/log/console.log
 /var/log/console.log <5Z>: size (Kb): 2 [100] --> trimming log....
          rm -f /var/log/console.log.5
          rm -f /var/log/console.log.5.gz
          rm -f /var/log/console.log.5.bz2
          mv /var/log/console.log.4.gz /var/log/console.log.5.gz
          chmod 640 /var/log/console.log.5.gz
          chown 0:80 /var/log/console.log.5.gz
          mv /var/log/console.log.3.gz /var/log/console.log.4.gz
          chmod 640 /var/log/console.log.4.gz
          chown 0:80 /var/log/console.log.4.gz
          mv /var/log/console.log.2.gz /var/log/console.log.3.gz
          chmod 640 /var/log/console.log.3.gz
          chown 0:80 /var/log/console.log.3.gz
          mv /var/log/console.log.1.gz /var/log/console.log.2.gz
          chmod 640 /var/log/console.log.2.gz
          chown 0:80 /var/log/console.log.2.gz
          mv /var/log/console.log.0.gz /var/log/console.log.1.gz
          chmod 640 /var/log/console.log.1.gz
          chown 0:80 /var/log/console.log.1.gz
          mv /var/log/console.log to /var/log/console.log.0
 Start new log...
          mktemp /var/log/console.log.XXXXXX
          chmod 640 /var/log/console.log.XXXXXX
          mv /var/log/console.log.XXXXXX /var/log/console.log
          kill -1 123
          gzip /var/log/console.log.0
 
 What this produces is /var/log/console.log.0.gz to still be owned by 
 root:wheel
 
 The attached patch changes it to work as:
 
 /var/log/console.log <5Z>: size (Kb): 2 [100] --> trimming log....
          rm -f /var/log/console.log.5
          rm -f /var/log/console.log.5.gz
          rm -f /var/log/console.log.5.bz2
          mv /var/log/console.log.4.gz /var/log/console.log.5.gz
          chmod 640 /var/log/console.log.5.gz
          chown 0:80 /var/log/console.log.5.gz
          mv /var/log/console.log.3.gz /var/log/console.log.4.gz
          chmod 640 /var/log/console.log.4.gz
          chown 0:80 /var/log/console.log.4.gz
          mv /var/log/console.log.2.gz /var/log/console.log.3.gz
          chmod 640 /var/log/console.log.3.gz
          chown 0:80 /var/log/console.log.3.gz
          mv /var/log/console.log.1.gz /var/log/console.log.2.gz
          chmod 640 /var/log/console.log.2.gz
          chown 0:80 /var/log/console.log.2.gz
          mv /var/log/console.log.0.gz /var/log/console.log.1.gz
          chmod 640 /var/log/console.log.1.gz
          chown 0:80 /var/log/console.log.1.gz
          mv /var/log/console.log to /var/log/console.log.0
          chown 0:80 /var/log/console.log.0
 Start new log...
          mktemp /var/log/console.log.XXXXXX
          chmod 640 /var/log/console.log.XXXXXX
          mv /var/log/console.log.XXXXXX /var/log/console.log
          kill -1 123
          gzip /var/log/console.log.0
 
 I believe this will apply cleanly to -CURRENT also.
 
 Jim
 
 -- 
 /"\   ASCII Ribbon Campaign  .
 \ / - NO HTML/RTF in e-mail  .
   X  - NO Word docs in e-mail .
 / \ -----------------------------------------------------------------
 jeh@FreeBSD.org      http://www.FreeBSD.org     The Power to Serve
 jim@TheHousleys.Net  http://www.TheHousleys.net
 ---------------------------------------------------------------------
 Progress (n) : What led from smart users in front of dumb terminals to
 dumb users in front of smart terminals.
 
 --------------080902010807000702070205
 Content-Type: text/plain;
  name="newsyslog.c-patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="newsyslog.c-patch"
 
 --- newsyslog.c-orig	Tue Nov  4 11:11:17 2003
 +++ newsyslog.c	Tue May 25 10:05:24 2004
 @@ -1288,14 +1288,21 @@
  		else
  			(void) unlink(log);
  	} else {
 -		if (noaction)
 +		if (noaction) {
  			printf("\tmv %s to %s\n", log, file1);
 -		else {
 +			if (ent->uid != (uid_t)-1 || ent->gid != (gid_t)-1)
 +				printf("\tchown %u:%u %s\n",
 +				    ent->uid, ent->gid, file1);
 +		} else {
  			if (archtodir)
  				movefile(log, file1, ent->permissions, ent->uid,
  				    ent->gid);
 -			else
 +			else {
  				(void) rename(log, file1);
 +				if (ent->uid != (uid_t)-1 || ent->gid != (gid_t)-1)
 +					if (chown(file1, ent->uid, ent->gid))
 +						warn("can't chown %s", file1);
 +			}
  		}
  	}
  
 
 --------------080902010807000702070205--
Responsible-Changed-From-To: freebsd-bugs->gad 
Responsible-Changed-By: gad 
Responsible-Changed-When: Tue May 25 08:01:11 PDT 2004 
Responsible-Changed-Why:  
I will look into this, and try to commit a fix for it before next week. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67137 

From: "James E. Housley" <jeh@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org, jeh@thehousleys.net
Cc:  
Subject: Re: bin/67137: newsyslog does not set correct user/group on the compression
Date: Wed, 26 May 2004 07:32:46 -0400

 Looking at the output I sent it would seem that there is also a chmod 
 missing where I added the chown.
 
 Jim
 
 -- 
 /"\   ASCII Ribbon Campaign  .
 \ / - NO HTML/RTF in e-mail  .
   X  - NO Word docs in e-mail .
 / \ -----------------------------------------------------------------
 jeh@FreeBSD.org      http://www.FreeBSD.org     The Power to Serve
 jim@TheHousleys.Net  http://www.TheHousleys.net
 ---------------------------------------------------------------------
 Most people can't think, most of the remainder won't think, the small
 fraction who do think mostly can't do it very well.  The extremely tiny
 fraction who think regularly, accurately, creatively, and without
 self-delusion -- in the long run these are the only people who count...
 - Robert A. Heinlein
State-Changed-From-To: open->closed 
State-Changed-By: gad 
State-Changed-When: Sat Jun 12 15:46:21 GMT 2004 
State-Changed-Why:  
The fix for this has been committed to 5.x-current, and has also 
been MFC'ed to 4.x-stable.  Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67137 
>Unformatted:
