Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-5320

dnsmasq: cannot open log /var/log/dnsmasq.log

XMLWordPrintable

    • dnsmasq-2.85-12.el9
    • None
    • None
    • rhel-sst-cs-net-perf-services
    • ssg_core_services
    • 21
    • 24
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • Automated
    • If docs needed, set a value
    • None

      This bug was initially created as a copy of Bug #2024166 & #1663692

      I am copying this bug because: issue is reproducible in RHEL 9.1
      Package version: dnsmasq-2.85-5.el9.x86_64

      Description of problem:

      DNSmasq failing to start when configured to use a separate log file via log-facility directive.
      This occurs if the file does not have a write permission for group, while SELinux is running in enforcing mode

      How reproducible:
      If a "log-facility=/var/log/dnsmasq.log" has been defined in /etc/dnsmasq.conf, the issue is always present.
      If the log-facility is commented out, dnsmasq runs correct.

      Steps to Reproduce:
      1. Install dnsmasq
      3. Edit /etc/dnsmasq.conf to include "log-facility=/var/log/dnsmasq.log"
      4. Run: systemctl enable dnsmasq
      5. Run: systemctl start dnsmasq
      6. Run: systemctl status dnsmasq
      7. Run: systemctl restart dnsmasq

      Actual results:
      dnsmasq fails to restart:
      × dnsmasq.service - DNS caching server.
      Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
      Active: failed (Result: exit-code) since Wed 2022-12-28 13:11:43 EST; 1min 50s ago
      Process: 1544 ExecStart=/usr/sbin/dnsmasq (code=exited, status=3)
      CPU: 6ms

      Dec 28 13:11:43 rhel9-1.adamibrahim.net systemd[1]: Starting DNS caching server....
      Dec 28 13:11:43 rhel9-1.adamibrahim.net dnsmasq[1544]: dnsmasq: cannot open log /var/log/dnsmasq.log: Permission denied
      Dec 28 13:11:43 rhel9-1.adamibrahim.net dnsmasq[1544]: cannot open log /var/log/dnsmasq.log: Permission denied
      Dec 28 13:11:43 rhel9-1.adamibrahim.net dnsmasq[1544]: FAILED to start up
      Dec 28 13:11:43 rhel9-1.adamibrahim.net systemd[1]: dnsmasq.service: Control process exited, code=exited, status=3/NOTIMPLEMENTED
      Dec 28 13:11:43 rhel9-1.adamibrahim.net systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
      Dec 28 13:11:43 rhel9-1.adamibrahim.net systemd[1]: Failed to start DNS caching server..

      Expected results:
      dnsmasq should start.

      Additional info:

      • Removing log-facility=/var/log/dnsmasq.log from the configuration makes dnsmasq start just fine.
      • Switching SELinux to permissive, allows dnsmasq to start correctly using systemctl.

      Per Bug #2024166:
      ===
      Posted upstream, already accepted:

      https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016070.html

      Accepted and merged:
      http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1f8f78a49b8fd6b2862a3882053b1c6e6e111e5c
      ===

              pemensik@redhat.com Petr Mensik
              rhn-support-adibrahi Adam Ibrahim Ahmat
              Petr Sklenar Petr Sklenar
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: