[syslog-ng] Umask funkiness

Robin Blanchard rblanchard at nephilaadvisors.com
Fri Feb 9 16:48:01 UTC 2018 

Why not explicitly manage the perms/ownerships with syslog-ng itself? Eg

    owner ("owner");
    group ("group");
    dir-owner ("owner");
    dir-group ("group");
    perm (0644);
    dir-perm (0755);

-----Original Message-----
From: syslog-ng [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Declan White
Sent: Friday, February 9, 2018 10:39 AM
To: syslog-ng at lists.balabit.hu
Subject: [syslog-ng] Umask funkiness

I have a directory owned by the syslog-ng user. Its group however belongs to a group of which the user is not a member.
The directory is g+s, so that all files and dirs made within it inherit the group owner (and the g+s in the case of dirs).

syslog-ng is running with a umask of 022 (interrogated running process to be sure). 
The file("/dir/${FOO}/${BAR}") destination driver has :
                create-dirs(yes) 
                perm()
                dir-owner()
                dir-group()
                dir-perm()
i.e. "don't change any perms"

The aim of the game is to end up with files and dirs readable, but not writable, by the inherited group owner.
I can't get it working. I am always ending up with 
drwx--S--- dirs and 
-rw------- files

Solaris. syslog-ng-3.12.1

-- 
Declan White
______________________________________________________________________________
Member info: https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Crblanchard%40nephilaadvisors.com%7Cfb444356113d48ac735e08d56fdbaa70%7C514662bec8aa4f2284bdb5261f93c9eb%7C0%7C1%7C636537911611629716&sdata=DMBuLPhJAAJ70VVVk3Ni7qeicyri%2FG8j8VsrbNwqDSA%3D&reserved=0
Documentation: https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Crblanchard%40nephilaadvisors.com%7Cfb444356113d48ac735e08d56fdbaa70%7C514662bec8aa4f2284bdb5261f93c9eb%7C0%7C1%7C636537911611629716&sdata=p%2FNfPPTDrJFTEuZpuSap8L7vvR7Pk%2BN7ilP58svtR94%3D&reserved=0
FAQ: https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Crblanchard%40nephilaadvisors.com%7Cfb444356113d48ac735e08d56fdbaa70%7C514662bec8aa4f2284bdb5261f93c9eb%7C0%7C1%7C636537911611629716&sdata=tYkusXSejtf05DpuezwRX1i2KZeRG4Mb1bbkn0yqUbo%3D&reserved=0

More information about the syslog-ng mailing list