TransferLog to FIFO got permission denied

[HubbleDK]

Hi,

What I Did / Want

I'm trying to redirect transfer logs to a FIFO called "transfer" that has the very same owner and permissions than other
log files (sftp.log, ban.log, etc...) and is located in the same directory.
My goal is to have a PERL script that is reading this FIFO and process rows that are appended to it.
My source is your FIFO based script "ftpmail".
I'm able to start the PERL script without any issue, and when I'm putting data into the FIFO (cat data.txt > transfer), it's working well.

The annoying part is when I edit the proftpd.conf with this:
TransferLog /var/log/proftpd/transfer

ProFTPD is throwing:
unable to open TransferLog '/var/log/proftpd/transfer': Permission denied

Which is weird because, as I've said earlier, my FIFO has the same permissions than other log files.
If I change this configuration with standard:
TransferLog /var/log/proftpd/transfer.log

Everything works well. What am I missing ?

ProFTPD Version and Configuration

Version: 1.3.5e (maint)
Platform: LINUX [Linux 3.10.0-1160.95.1.el7.x86_64 x86_64]

Help would be much appreciated.

Thank you.

Dylan.

[Castaglia]

What are the command-line options you use, to start your FIFO-related Perl script? I'm wondering if there's a discrepancy between the path you tell the script to use, and the path you use for the TransferLog directive.

[HubbleDK]

The FIFO path is hardcoded in my Perl script to "/var/log/proftpd/transfer".

As I've explained in the original post, when I start my Perl script and put something in the /var/log/proftpd/transfer FIFO (like cat > /var/log/proftpd/transfer), it works.
I've checked the path also in my proftpd.conf, it's correct.
Never heard of this issue before ?

[Castaglia]

The version of ProFTPD you are running is 10 years old, so I want to see whether it's something that has been addressed in newer versions -- or if it's something else. Use of FIFOs for logging is not exactly common, so FIFO-related issues/errors don't come up for the community often.

Could you provide the output from running ls -aldn /var /var/log /var/log/proftpd /var/log/proftpd/transfer, both with and without your FIFO Perl script running? I'd like to re-create this issue locally, and to do that I'd like to know the permissions on that path (and its parent directories), to make sure my local setup matches your environment. Thanks!

[HubbleDK]

This is the result of the command you asked for when the Perl script is not running:

and when it's running:

Same output, but I hope this helps.

[Castaglia]

The permissions on your /var/log/proftpd/ directory:

drwxr-x---.   2 0  0      72 Nov 13 10:19 /var/log/proftpd

indicate that it is owned by user "root", group "root". In addition, it shows that user "root" has full access (read, write, execute), and that group "root" has read and execute permissions. However, any non-root user/group has no access to that directory.

Opening a path such as /var/log/proftpd/transfer, by a non-root user (such as one that has authenticated in ProFTPD) requires read permissions in that parent /var/log/proftpd/ directory. Thus you might try:

$ sudo chmod o+r /var/log/proftpd

which says "add the read permission for other" users.