On 10/26/05, Yan M. <yannnick_m@yahoo.com> wrote:
Hi, in syslog-ng.conf man page it is said that the option group(gid); is used to set group on created logfiles. Im trying to use that and it does not work it is setting the group, not to the group I specify in that group() directive, but to the group syslog-ng runs as. Also, the man page specifies you have to enter the gid in the group() option but the syslog-ng daemon wont start when the gid is specified in its numeral form. It should be group(groupname); instead of group(gid); in the man page. Does the chgrp works only when syslog-ng is running as root ? If so, it is not a documented feature ..
I suppose it's not documented because it's a standard UNIX security measure to not allow non-root users to create files belonging to other users. This would allow users to get around quotas and do other nefarious things. I do agree that if it's not in the docs, that this should be added. To work around it you'll need to either run syslog-ng as root and assign file ownership to another user (less desirable) or create it with explicit file permissions that allow the users/groups that you desire to see it (more desirable).