This is driving me up a wall, and I'm hoping that someone can give me some help... I'm trying to set up a server that's going to take syslog messages coming in on local5, and put them in a log file. I've defined a source that listens on all interfaces, on UDP port 514. That seems to be working fine -- netstat shows that syslog is listening on that port, and messages do come in on it. I've got a filter set up as filter f_comblog { facility(local5); }; I've got a destination set up this way: destination d_comblog { file("/space/comblog/local5" perm(0644)); }; And the the log statement is defined this way: log { source(netsrc); filter(f_comblog); destination(d_comblog); }; No complaints from syslog-ng about the syntax or anything else. The trouble that I'm having is that syslog-ng refuses to open the destination file for writing, giving me the message "Cannot open file /space/comblog/local5 for writing (Permission denied)" I get this message even with permissions relaxed all the way to 0777, on the file itself, on the directory in which the file is located, and even on the directory above that. I can create another file in the directory with identical permissions, and open it, write to it, etc with vi, so there isn't a problem with the partition being ro or anything like that. `lsof` indicates that no other process has the log file open for reading, writing, or anything else. Syslog-ng is running as root. The one thing that occurs to me is that there might be some problem with my mount tree. The directory /space has a partition mounted to it, and then /space/comblog has a different partition mounted on it. Is that something that would cause a problem for syslog-ng? I tried doing an strace, which was uninformative -- it just shows an "-1 EPERM" exit when syslog-ng tries to open the file. I'm going crazy with this one...anyone? Thanks! - Ian