[syslog-ng] syslog-ng.conf : option group(<gid>); does not
work ( stable version )
Balazs Scheidler
bazsi at balabit.hu
Fri Oct 28 12:19:32 CEST 2005
On Thu, 2005-10-27 at 20:24 -0700, catenate wrote:
> On 10/27/05, Yan M. <yannnick_m at yahoo.com> wrote:
> From the chgrp man page in Solaris :
>
> To change the group ID of a file, the process must be the
> owner of the file and the new group ID must be the group of
> the process ID or must be in the supplementary group list of
> the process.
>
> So if the user has which the syslog-ng process is in the
> supplementary group to which
> I want to change ownership of the file to, it should work.
> It works in a shell.
>
> For some reason I read it as you trying to give away file ownership,
> not group ownership. I just verified this behavior you describe on
> Solaris 8. The same config does set the group perms as specified when
> running as root, but when running as a non-root user the group
> ownership is always the primary group of the user that the process is
> running as.
Specify the userid as well to the user you want to own the files.
syslog-ng does chown/chgrp at the same time, and if one fails the other
fails too. Alternatively apply this patch, which separates user/group
setting to separate calls, so they become independent.
Index: affile.c
===================================================================
RCS file: /var/cvs/syslog-ng/syslog-ng/src/affile.c,v
retrieving revision 1.61.4.3
diff -u -r1.61.4.3 affile.c
--- affile.c 5 Aug 2004 11:35:12 -0000 1.61.4.3
+++ affile.c 28 Oct 2005 10:18:51 -0000
@@ -127,8 +127,10 @@
}
*fd = open((char *) name->data, flags, mode);
}
- if (uid != -1 || gid != -1)
- chown((char *) name->data, uid, gid);
+ if (uid != -1)
+ chown((char *) name->data, uid, -1);
+ if (gid != -1)
+ chown((char *) name->data, -1, gid);
if (mode != -1)
chmod((char *) name->data, mode);
return *fd != -1;
--
Bazsi
More information about the syslog-ng
mailing list