- Issued:
- 2010-03-30
- Updated:
- 2010-03-30
RHBA-2010:0211 - Bug Fix Advisory
Synopsis
sysklogd bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated sysklogd package that fixes various bugs is now available.
Description
The sysklogd package contains two system utilities (syslogd and klogd)
which provide support for system logging. Syslogd and klogd run as daemons
(background processes) and log system messages to different places, like
sendmail logs, security logs, error logs, etc.
This update addresses the following issues:
- the Red Hat Enterprise Linux syslogd init script creates files which are
readable by the root user only whereas the sysklogd(8) man page indicated
that "If a file is created it is world readable". The man page has been
updated with the correct information. (BZ#460232)
- the "-S" option was added to sysklogd 1.4.1-40, however, this option is
not displayed in the "SYNOPSIS" section of the sysklogd man page. This has
the potential to mislead users who use the man page for help. The "-S"
option has now been added to the "SYNOPSIS" section of the sysklogd man
page. (BZ#471174)
- when syslogd was started using the "-m" option with a non-zero argument,
the "errno" value of "select" was checked by the functions that log the
"MARK" message after the value had been reset from "EINTR" to "EINVAL".
This resulted in an incorrect message being logged to "/var/log/messages"
of the form; "syslogd: select: Invalid argument". A patch has been applied
to store the value of "errno" in a temporary variable prior to it being
reset and testing this stored value against "EINTR" for logging purposes.
The error message no longer appears in "/var/log/messages" when a non-zero
argument is passed to the "-m" option. (BZ#472875)
- syslogd.conf would cause a memory leak by forwarding messages to its IP
address, for example "*.*@192.168.122.5". This would result in processes
being terminated by the "OOM killer" to free up memory. A patch has been
applied to ensure that messages are not self-forwarded. (BZ#481600)
- when syslog messages were logged to the console, line feeds were not
inserted resulting in all messages being displayed on a single line. A
patch has been applied to ensure that each message appears on a new line.
(BZ#490897)
- if the "SIGALRM" signal was triggered during processing of the
"writeev()" function, syslog would cease logging to the console and
print a "/dev/console: Interrupted system call" message. Additionally,
log messages were truncanted in the event that the I/O buffer became full.
A patch has been applied to reschedule the "SIGALRM" signal prior to
calling the "writeev()" function to ensure messages are correctly
displayed to the console. (BZ#506683)
Users of sysklogd should upgrade to this updated package, which resolves
these issues.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 460232 - syslog creates files with mode 0600
- BZ - 471174 - syslogd man page enhancement request
- BZ - 472875 - Using -m option results in 'select: Invalid argument' messages in the log
- BZ - 490897 - syslog does not include a newline when logging to console/tty
- BZ - 506683 - syslogd stops writing any messages to /dev/console after an EINTR in syscall
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
x86_64 | |
sysklogd-1.4.1-46.el5.x86_64.rpm | SHA-256: 73ea2f78c7c96e3a63ecdc8767d298cfebbe22ba5d2f62ca0202780f02be2680 |
ia64 | |
sysklogd-1.4.1-46.el5.ia64.rpm | SHA-256: 8e985eed93c17392202c075fbe3f2f64d3441c96170b1a253675783bd762e429 |
i386 | |
sysklogd-1.4.1-46.el5.i386.rpm | SHA-256: 2eb51c7de029f7868a2cdbae5fbe54912685b784b0f6cdb4c1390a1451ca388e |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
x86_64 | |
sysklogd-1.4.1-46.el5.x86_64.rpm | SHA-256: 73ea2f78c7c96e3a63ecdc8767d298cfebbe22ba5d2f62ca0202780f02be2680 |
i386 | |
sysklogd-1.4.1-46.el5.i386.rpm | SHA-256: 2eb51c7de029f7868a2cdbae5fbe54912685b784b0f6cdb4c1390a1451ca388e |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
x86_64 | |
sysklogd-1.4.1-46.el5.x86_64.rpm | SHA-256: 73ea2f78c7c96e3a63ecdc8767d298cfebbe22ba5d2f62ca0202780f02be2680 |
i386 | |
sysklogd-1.4.1-46.el5.i386.rpm | SHA-256: 2eb51c7de029f7868a2cdbae5fbe54912685b784b0f6cdb4c1390a1451ca388e |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
s390x | |
sysklogd-1.4.1-46.el5.s390x.rpm | SHA-256: 85161707198816028ea36e027ea055147f8071978f7a9793591331df1fc2746d |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
ppc | |
sysklogd-1.4.1-46.el5.ppc.rpm | SHA-256: 8622258365d3c49918574c6ce8b229a2e5abf997104ff53431062f8b456f2440 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
sysklogd-1.4.1-46.el5.src.rpm | SHA-256: 0f83fee1fdb5b9d9c90f0b15d5faae1649731fc01f9173ea0bf4782e062284c8 |
x86_64 | |
sysklogd-1.4.1-46.el5.x86_64.rpm | SHA-256: 73ea2f78c7c96e3a63ecdc8767d298cfebbe22ba5d2f62ca0202780f02be2680 |
i386 | |
sysklogd-1.4.1-46.el5.i386.rpm | SHA-256: 2eb51c7de029f7868a2cdbae5fbe54912685b784b0f6cdb4c1390a1451ca388e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.