[syslog-ng] [EXTERNAL] Re: ACLs with syslog-ng
Faine, Mark R. (MSFC-IS40)[NICS]
mark.faine at nasa.gov
Wed May 19 15:08:40 UTC 2021
I have tried the backup and restore and it just got to be too complicated. I did not know about owner(), if that works it will solve the problem. Currently we're setting everything, like this:
perm(0640);
dir-perm(0750);
dir-owner('root');
owner('root');
dir-group('splunk');
group('splunk');
Hopefully, all of those options can be specified with empty parameters. Basically, I just need syslog-ng to not do anything with permissions and everything should be fine.
-Mark
-----Original Message-----
From: Fabien Wernli <wernli at in2p3.fr>
Sent: Wednesday, May 19, 2021 08:54
To: Faine, Mark R. (MSFC-IS40)[NICS] <mark.faine at nasa.gov>
Cc: Syslog-ng users' and developers' mailing list <syslog-ng at lists.balabit.hu>
Subject: Re: RE: [EXTERNAL] Re: [syslog-ng] ACLs with syslog-ng
On Wed, May 19, 2021 at 12:24:10PM +0000, Faine, Mark R. (MSFC-IS40)[NICS] wrote:
> No, I can try that, but I don't suspect it will help since the ACLs are there when syslog-ng starts. However, after files are written to or a new file is created, the ACL is lost.
You could backup the acl in setup() and restore it in startup() or something
like that. I thought of something else : did you try using owner() (without
argument) ? According to the docs, it should retain the "original properties of the file", although I'm not sure this includes ACLs.
More information about the syslog-ng
mailing list