SAR
Noticed SAR had not been collecting statistics for a while, looks like it actually stopped around the time I upgraded to F26 rather than being a F27 issue.
Systemctl showed the sysstat.service was running, just not producing any data. There were old sarNN files in /var/log/sa but not current sarNN files, and no saNN files.
A bit of googling and a wild guess… deleting all the old files in /var/log/sa and a “systemctl restart sysstat” seems to have fixed that, at least there is a saNN file being written for today.
The logger program in F27 only works for the root user
Running logger as anybody other than root fails to log any messages (note selinux is permissive and there are no audit denies anyway). Running as root logs OK.
This is new behaviour, some of my system health check scripts use logger to report OK, and the OK messages are checked for by nrpe plugins (via nagios/nrpe). The issue was picked up as the nrpe checks were unable to find any matching messages in /var/log/messages, as logger was just not writing them… as of course like any sensible user check scriots do not need to run as root.
My initial plan for a quick fix was the thought that I shold just turm the SUID bit on logger and look into the issue later, as it isomething that should be available to any iser that wants it… but the SUID bit could not be set !?!?!. As seen below, no change.
[root@vosprey2 ~]# which logger /usr/bin/logger [root@vosprey2 ~]# cd /usr/bin [root@vosprey2 bin]# ls -la logger -rwxr-xr-x. 1 root root 49616 Sep 22 20:37 logger [root@vosprey2 bin]# chmod o+s logger [root@vosprey2 bin]# ls -la logger -rwxr-xr-x. 1 root root 49616 Sep 22 20:37 logger [root@vosprey2 bin]#
So my current workaround is to add /usr/bin/logger to the sudoers file for my userid as that is the userid my cron jobs run under and alter the scripts that use logger to sudo /usr/bin/logger.
Defaults:mark !requiretty mark vosprey2=NOPASSWD: /usr/bin/logger
Not ideal, but it will do until I figure out whu non-root users can no logger use logger.
