Rsyslog Charm

disable imklog for containers

Bug #2009556 reported by Shunde Zhang on 2023-03-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Rsyslog Charm	Triaged	Wishlist	Unassigned

Bug Description

By default rsyslog has imklog module enabled in /etc/rsyslog.conf

# provides kernel logging support and enable non-kernel klog messages
module(load="imklog" permitnonkernelfacility="on")

This module reads from /proc/kmsg which requires root privilege.

However, when running rsyslog in a (LXD, Docker) container, the container doesn't often have root privilege.
This results in having a lot of error messages in rsyslog's output.

Mar 6 01:00:33 juju-ba8709-8-lxd-16 rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.
Mar 6 01:01:56 juju-ba8709-8-lxd-16 rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.
Mar 6 01:13:41 juju-ba8709-8-lxd-16 rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.
Mar 6 01:14:10 juju-ba8709-8-lxd-16 rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.
Mar 6 04:40:49 juju-ba8709-8-lxd-16 rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Permission denied.

Currently the user has to use another tool, such as ansible or puppet to disable this module in /etc/rsyslog.conf.
It would be good if this charm can do that too.

Tags:

Eric Chen (eric-chen) on 2023-03-07

Changed in charm-rsyslog:
importance:	Undecided → Wishlist
status:	New → Triaged

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.