pam_tally2: Error opening /var/log/tallylog for update: Permission denied
patsevanton opened this issue · 7 comments
CentOS 7
Current mode: enforcing
When install by yum
yum -y install yum-plugin-copr
yum -y copr enable antonpatsev/VictoriaMetrics
yum makecache
yum -y install vmsingle
Error:
pam_tally2: Error opening /var/log/tallylog for update: Permission denied
pam_tally2: Authentication error
useradd: failed to reset the tallylog entry of user "victoriametrics"
I will check it today.
CentOS 7
Current mode: enforcing
pam_tally2: Error opening /var/log/tallylog for update: Permission denied pam_tally2: Authentication error useradd: failed to reset the tallylog entry of user "victoriametrics"
[root@centos7 vagrant]# uname -a
Linux centos7 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@centos7 vagrant]# cat /etc/*release
CentOS Linux release 7.9.2009 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)
[root@centos7 vagrant]# systemctl status victoriametrics
● victoriametrics.service - VictoriaMetrics is a fast, cost-effective and scalable monitoring solution and time series database.
Loaded: loaded (/usr/lib/systemd/system/victoriametrics.service; disabled; vendor preset: disabled)
Active: active (running) since пн 2021-09-27 09:40:20 UTC; 6s ago
Main PID: 8221 (victoria-metric)
CGroup: /system.slice/victoriametrics.service
└─8221 /usr/bin/victoria-metrics-prod -storageDataPath=/var/lib/victoria-metrics-data -retentionPeriod=12
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.241Z info VictoriaMetrics/lib/mergeset/table.go:258 opening table "...EF60BB"...
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.242Z info VictoriaMetrics/lib/mergeset/table.go:293 table "/var/lib...zeBytes: 0
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.242Z info VictoriaMetrics/lib/mergeset/table.go:258 opening table "...EF60BA"...
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.245Z info VictoriaMetrics/lib/mergeset/table.go:293 table "/var/lib...zeBytes: 0
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.252Z info VictoriaMetrics/app/vmstorage/main.go:101 successfully op...zeBytes: 0
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.253Z info VictoriaMetrics/app/vmselect/promql/rollup_result_cache.go:106 ...Result"...
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.253Z info VictoriaMetrics/app/vmselect/promql/rollup_result_cache.go:132 ...zeBytes: 0
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.253Z info VictoriaMetrics/app/victoria-metrics/main.go:61 started V...19 seconds
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.253Z info VictoriaMetrics/lib/httpserver/httpserver.go:82 starting ...p://:8428/
вер 27 09:40:20 centos7 victoria-metrics-prod[8221]: 2021-09-27T09:40:20.253Z info VictoriaMetrics/lib/httpserver/httpserver.go:83 pprof han...bug/pprof/
Hint: Some lines were ellipsized, use -l to show in full.
[root@centos7 vagrant]# ll /var/log/
total 284
drwxr-xr-x. 2 root root 219 кві 30 2020 anaconda
drwx------. 2 root root 23 вер 27 08:50 audit
-rw-------. 1 root utmp 0 вер 27 08:52 btmp
drwxr-xr-x. 2 chrony chrony 6 сер 8 2019 chrony
-rw-------. 1 root root 1602 вер 27 09:40 cron
-rw-r--r--. 1 root root 27571 вер 27 08:50 dmesg
-rw-------. 1 root root 1315 вер 27 08:53 grubby
-rw-r--r--. 1 root root 193 кві 30 2020 grubby_prune_debug
-rw-r--r--. 1 root root 292292 вер 27 09:40 lastlog
-rw-------. 1 root root 196 вер 27 08:50 maillog
-rw-------. 1 root root 124110 вер 27 09:40 messages
drwxr-xr-x. 2 root root 6 сер 8 2019 qemu-ga
drwxr-xr-x. 2 root root 6 кві 30 2020 rhsm
drwx------. 3 root root 17 чер 9 16:17 samba
-rw-------. 1 root root 7004 вер 27 09:40 secure
-rw-------. 1 root root 0 кві 30 2020 spooler
-rw-------. 1 root root 64000 вер 27 09:40 tallylog
drwxr-xr-x. 2 root root 23 лют 2 2021 tuned
-rw-rw-r--. 1 root utmp 1920 вер 27 08:52 wtmp
-rw-------. 1 root root 8037 вер 27 09:40 yum.log
[root@centos7 vagrant]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
Fresh Centos 7 from Vagrant don't have any issue. It looks like that the problem applies only for your cloud provider.
Sorry.
I added:
When install by yum
yum -y install yum-plugin-copr
yum -y copr enable antonpatsev/VictoriaMetrics
yum makecache
yum -y install vmsingle
yum -y install vmsingle
I'v got the same result.
I wrote asciinema record https://asciinema.org/a/JaIQU3QELlxjQthRHt6BJ2T5g
On 1:05 i saw error:
pam_tally2: Error opening /var/log/tallylog for update: Permission denied
pam_tally2: Authentication error
useradd: failed to reset the tallylog entry of user "victoriametrics"
I think that we can ignore this message as explained in Varying-Vagrant-Vagrants/VVV#1781 (comment) and after installation all logs are written to the system log. But if it will cause a bug in future we can add personal directory for logs to /var/log/victoriametrics/<package_name>/
path.
Ok. But issue let will open.