ELOG cannot open /etc/elogd.cfg error

When I attempted to add a new entry with a new category to an ELOG logbook on a Linux system, I saw the error message below:

Cannot open file /etc/elogd.cfg: Permission denied
Please use your browser's back button to go back

I checked the file permissions on the elogd.cfg configuration file and saw the following:

# ls -l /etc/elogd.cfg
-rw-r--r--. 1 root root 785 Jul 16 14:47 /etc/elogd.cfg
#

So only the root account had write access to the file. I then checked to see which account elogd was running under. The program lisens on port 8080 on that system. If you don't know the port that is being used for ELOG, you can find it in the /etc/elogd.cfg file. E.g.:

[global]
port = 8080

Knowing the network port a process is listening on, you can find the name of the process on a Linux system with the netstat command. If you use the -l option, you can indicate to netstat that you want to look for ports that a process is listening on, while the -p option tells it to display the process identifier (PID) and name of the program to which each socket belongs, and the -n option tells it that you are specifying a numeric port number, e.g., 80, rather than a descriptive name for the network protocol, e.g. HTTP. So, I used the command below, which showed me that the name of the program was elogd:

# netstat -lpn | grep 8080
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      
603/elogd

Note: if you don't run the command from the root account by logging into that account to run the command or putting sudo in front of the command, you won't see the process ID and name of the program listening on the port, if the process isn't running under the account from which you issued the command. You will, instead, see something like the following:

$ netstat -tulpn | grep 8080
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      
-

Since the netstat command, when run as root, showed the PID to be 603, I could then use the ps command to determine the user identifier (UID) for the account under which the program was being run.

# ps -f --pid 603
UID        PID  PPID  C STIME TTY          TIME CMD
elog       603     1  0 14:47 ?        00:00:01 /usr/sbin/elogd -D -c /etc/elogd
#

I could see the program was being run from the elog account and that there was also an elog group on the system.

# grep elog /etc/passwd
elog:x:987:982:ELOG logbook daemon user:/usr/share/elog:/sbin/nologin
# grep elog /etc/group
elog:x:982:
#

So to resolve the problem, I changed the group and permissions for the /etc/elogd.cfg file so that the group was elog and the group has write permission.

# chgrp elog /etc/elogd.cfg
# chmod g+w /etc/elogd.cfg
#

I then backed up to the previous page in the browser where I was attempting to submit the new entry. This time when I clicked on Submit, the entry was accepted. And, when I checked the /etc/elogd.cfg file, I found that the new category was added on the Options Category = line in the configuration file.