User Tools

Site Tools


wiki:install_authbind_to_allow_port_514_on_graylog

Background

attempting to start Syslog port 514 as an input after installing Graylog will fail. This is due to graylog-server running as a non-root users. Ports below 1024 require root level permissions.

Ideal Prerequisites

Software you should have installed before attempting this task

  • Ubuntu
  • Graylog

Caveats

  • if chmod 500 does not work substitute with chmod 755.

Steps

Install authbind

sudo apt-get install authbind -y

Configure UDP 514 to Authbind (the “!” is for UDP, remove it for TCP)

sudo touch '/etc/authbind/byport/!514'
sudo chown graylog:graylog '/etc/authbind/byport/!514'
sudo chmod 500 '/etc/authbind/byport/!514'

Configure /etc/default/graylog-server to use authbind as a wrapper

sudo sed -i "s/GRAYLOG_COMMAND_WRAPPER=\"\"/GRAYLOG_COMMAND_WRAPPER=\"authbind\"/" /etc/default/graylog-server

Restart Graylog

service graylog-server restart

…or

sudo systemctl restart graylog-server.service

References

Discussion

Enter your comment. Wiki syntax is allowed:
If you can't read the letters on the image, download this .wav file to get them read to you.
 
wiki/install_authbind_to_allow_port_514_on_graylog.txt · Last modified: 2019/08/04 01:21 by ctv_admin