29 Jan
2007
29 Jan
'07
4:59 p.m.
Hari Sekhon (hpsekhon@googlemail.com) wrote on 29 January 2007 15:23:
then the question is does it fail to open the /var/log/kernel/log file before or after dropping root privs
It doesn't fail to open in the sense that it tries and doesn't get it, otherwise I'd see the open call in strace and the permission denied return. It seems it simply doesn't do the open.
and can you solve this by granting the "logger" group the privs on the files?
That's how it is. All destinations belong to the user syslog-ng switches to.