zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log":  Permission denied
I frequently come across this issue when trying to investigate why a Zabbix agent isn't communicating successfully with our Zabbix server.
When I navigate to https://pfsense-ip-address/status_logs_packages.php?pkg=Zabbix%20Proxy%205.0 I'm presented with the following (truncated) logs
Jul 15 03:09:00 queeg500 newsyslog: logfile turned over due to size>500K zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log":  Permission denied zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log":  Permission denied *** Above lines repeated 50+ times *** Jul 15 03:09:00 queeg500 newsyslog: logfile turned over due to size>500K ... ...
Logging appears to have stopped ~40 days ago.
Restarting the Zabbix proxy service (via https://pfsense-ip-address/status_services.php#) gets logging working again, however its a pain because I generally speaking I wanted to see the logs for the past to investigate the problem I'm dealing with at that specific time.
I suspect the issue is related to log rotation and file permissions based on the Permission denied error and that newsyslog is mentioned before and after the logging stops working.
Today, before I restart the service I checked who owned the log file...
[2.6.0-RELEASE][root@pfsense-ip-address]/root: ls -l /var/log/zabbix-proxy/ total 106 -rw------- 1 root wheel 80 Jul 15 03:09 zabbix_proxy.log -rw------- 1 root wheel 29744 Jul 15 03:09 zabbix_proxy.log.0.bz2 -rw------- 1 root wheel 33193 Jun 6 13:47 zabbix_proxy.log.1.bz2 -rw------- 1 root wheel 34871 May 4 09:48 zabbix_proxy.log.2.bz2
After I restarted the service I checked again...
[2.6.0-RELEASE][root@fsense-ip-address]/root: ls -l /var/log/zabbix-proxy/ total 110 -rw------- 1 zabbix zabbix 3218 Aug 25 13:42 zabbix_proxy.log -rw------- 1 zabbix zabbix 29744 Jul 15 03:09 zabbix_proxy.log.0.bz2 -rw------- 1 zabbix zabbix 33193 Jun 6 13:47 zabbix_proxy.log.1.bz2 -rw------- 1 zabbix zabbix 34871 May 4 09:48 zabbix_proxy.log.2.bz2
Investigating further I found the contents of `/var/etc/newsyslog.conf.d/zabbix_proxy.log.conf` does indeed set the owner to root
# Automatically generated for package Zabbix Proxy 5.0. Do not edit. /var/log/zabbix-proxy/zabbix_proxy.log root:wheel 600 7 500 * JC
I'll try and remember to check tomorrow but I suspect the files will be owned by root again after the (presumably) daily log rotation occurs.I haven't made any customizations to the pfsense box. The only other plugins installed are
- open-vm-tools v10.1.0_5,1
- openvpn-client-export v1.6_4
- zabbix-agent5 v1.0.4_12
- zabbix-proxy5 v1.0.4_12
I compared `/var/etc/newsyslog.conf.d/zabbix_ agentd .log.conf` with `/var/etc/newsyslog.conf.d/zabbix_ proxy .log.conf`, both set the owners to root
I then checked the ownership of the agent's log files, to my surprize they're owned by Zabbix. I have not restarted the Zabbix agent service today
ls -l /var/log/zabbix-agent/ total 5 -rw-rw-r-- 1 zabbix zabbix 11450 Aug 15 11:49 zabbix_agentd.log
Updated by Juraj Lutter 7 days ago
I see the same behavior, independently from Zabbix versions. The problem indeed, is in
newsyslog config for the services.
These erroneous files are not leftovers after previous versions or something similar. I even did
pkg install -f pfSense-pkg-zabbix-proxy5
to no avail.