search

GoogleCloudPlatform / guest-configs

Apache License 2.0
31 stars 41 forks source link

rsyslog.d/90-google.conf directs logging to /dev/console, but rsyslog doesn't have perm to open #48

Closed suckatrash closed 1 year ago

suckatrash commented 1 year ago

This was originally reported here: https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889 ...and looks like still happening in Ubuntu 22.04.2 LTS as recently as the ubuntu-2204-jammy-v20230302 builds.

vorakl commented 1 year ago

Thank you, @suckatrash for bringing up this issue and providing us with the background. Unfortunately, there is nothing really we can help with. The problem isn't related to this package or Google Guest Environment software. We do not add rsyslog service or configuring its integration with the distributions. We're just directing certain log messages to the console. It is up to the distributions how to configure supplied services.

For instance, you won't find this issue in other distributions. Here are a couple examples:

  1. Debian
$ cat /etc/os-release 
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

$ ls -l /dev/console 
crw------- 1 root root 5, 1 Apr 28 18:56 /dev/console

$ ps uax | grep rsyslog
root         364  0.0  0.0 220936  6304 ?        Ssl  Apr01   0:16 /usr/sbin/rsyslogd -n -iNONE
  1. Rocky Linux
$ cat /etc/os-release 
NAME="Rocky Linux"
VERSION="9.1 (Blue Onyx)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="9.1"
PLATFORM_ID="platform:el9"
PRETTY_NAME="Rocky Linux 9.1 (Blue Onyx)"
ANSI_COLOR="0;32"
LOGO="fedora-logo-icon"
CPE_NAME="cpe:/o:rocky:rocky:9::baseos"
HOME_URL="https://rockylinux.org/"
BUG_REPORT_URL="https://bugs.rockylinux.org/"
ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9"
ROCKY_SUPPORT_PRODUCT_VERSION="9.1"
REDHAT_SUPPORT_PRODUCT="Rocky Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="9.1"

$ ls -l /dev/console 
crw--w----. 1 root tty 5, 1 Apr 28 18:58 /dev/console

$ ps uax | grep rsyslog
root         645  0.0  0.2 286832 16604 ?        Ssl  Apr19   0:41 /usr/sbin/rsyslogd -n

But, it does exist on Ubuntu. Canonical builds all packages for the distribution. And, as it was mentioned in the comment, https://github.com/GoogleCloudPlatform/compute-image-packages/issues/889#issuecomment-1499726903, there is a trick implemented with udev rules:

$ cat /usr/lib/udev/rules.d/99-gce.rules
# Give syslog write access to the kernel logs
KERNEL=="console", GROUP="syslog", MODE="0620"

# Switch to using NOOP as the default scheduler per GCE request
SUBSYSTEM=="block", ENV{DEVTYPE}!="partition", ACTION=="add|change", ENV{ID_VENDOR}=="*Google*", ATTR{queue/scheduler}="noop"

You won't find this file in the current repository. Apparently, there are some issues with this rule and how it fits the overall configuration, but I'd suggest to file a bug with Canonical, similar to this one https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1890177

There is nothing we can do here. I'm closing the issue.