On 10/26/05, <b class="gmail_sendername">Yan M.</b> <<a href="mailto:yannnick_m@yahoo.com">yannnick_m@yahoo.com</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>Hi,</div>
<div>in syslog-ng.conf man page it is said that the option group(gid); is used</div>
<div>to set group on created logfiles. Im trying to use that and it does not work</div>
<div>it is setting the group, not to the group I specify in that group() directive, but to </div>
<div>the group syslog-ng runs as.</div>
<div> </div>
<div>Also, the man page specifies you have to enter the gid in the group() option</div>
<div>but the syslog-ng daemon wont start when the gid is specified in its numeral form.</div>
<div>It should be group(groupname); instead of group(gid); in the man page.</div>
<div> </div>
<div>Does the chgrp works only when syslog-ng is running as root ? If so, it is not</div>
<div>a documented feature ..</div></blockquote><div><br>
I suppose it's not documented because it's a standard UNIX security
measure to not allow non-root users to create files belonging to other
users. This would allow users to get around quotas and do other
nefarious things.<br>
<br>
I do agree that if it's not in the docs, that this should be added. To
work around it you'll need to either run syslog-ng as root and assign
file ownership to another user (less desirable) or create it with
explicit file permissions that allow the users/groups that you desire
to see it (more desirable).<br>
</div></div>