I am getting the below given error when I try to forward certain log files using syslog-ng in Suse Linux
Starting syslog servicesError opening file for reading; filename='/tmp/app.log', error='Permission denied (13)' my conf file - Source definition seems to be ok
source app { file("/tmp/app.log"); }; I went through similar posts and dont see any problems with my steps.The weird part is that the file is owned by root and when i run syslog-ng as root it gives read permission error
Am I missing anything?
1 Answer
This problem is caused because of AppArmor linux security module. Solution to this problem is mentioned in attached thread. syslog-ng read file permission denied
Here are steps I followed.
- Open /etc/apparmor.d/sbin.syslong-ng
- Add /opt/xxx/logs/* rw, line anywhere. rw below means allow read & write access. Change your directory appropriately.
- Run apparmor_parser -r /etc/apparmor.d/sbin.syslong-ng to set new rules.
- Restart syslog-ng using service command or any other way you have set up.