FS#15095 - [syslog-ng] Logfiles owned by wrong group after install

Attached to Project: Arch Linux
Opened by Magnus Therning (magus) - Saturday, 13 June 2009, 20:32 GMT
Last edited by Allan McRae (Allan) - Sunday, 12 July 2009, 13:47 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Aaron Griffin (phrakture)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: After a new installation the files in /var/log are owned by root:root, despite the configuration of syslog-ng saying that they should be of the group log.

Stopping syslog-ng, removing the log files in /var/log, and then starting syslog-ng will cause the creation of the log files, with the expected group.

This suggests that either a misconfigured syslog-ng creates the files during install, or that some other tool creates them. After that syslog-ng won't modify the group of any existing files.


Additional info:
* syslog-ng 3.0.1-6


Steps to reproduce:
Perform a new install and list the files in /var/log
This task depends upon

Closed by  Allan McRae (Allan)
Sunday, 12 July 2009, 13:47 GMT
Reason for closing:  Fixed
Additional comments about closing:  3.0.3-1
Comment by Gerardo Exequiel Pozzi (djgera) - Saturday, 13 June 2009, 22:18 GMT
Rare, syslog-ng pkg, does not install any files under /var/log. These files are created at first startup.
Comment by waldek (waldek_a) - Sunday, 14 June 2009, 09:03 GMT
if one does any change to /etc/syslog-ng.conf (it is even enough to open/save without modifications) and restarts the syslog-ng, then the right group ownership is created (root:log).
Comment by Magnus Therning (magus) - Sunday, 14 June 2009, 16:26 GMT
@Waldek, you are right, it does change group on the files, but you don't even need to touch the config file, restarting syslog-ng is enough. The funky thing is that this changing doesn't seem to happen unless I manually restart syslog-ng (using `/etc/rc.d/syslog-ng restart`). Somewhat counter-intuitively rebooting doesn't work.
Comment by waldek (waldek_a) - Sunday, 14 June 2009, 18:59 GMT
@Magnus: true, I tried it but thought did not worked. I checked the log of what I was doing and you are right.
Comment by Gerardo Exequiel Pozzi (djgera) - Sunday, 12 July 2009, 02:37 GMT
aja!, I detected the problem: when rc are executed, the user is root :), but no this root don't have aditional groups (no login). Is like if you go to init 1 and log with sulogin.

# id
uid=0(root) gid=0(root)
# ls -l /var/log/syslog.log
ls: cannot access /var/log/syslog.log: No such file or directory
# /usr/sbin/syslog-ng
# ls -l /var/log/syslog.log
-rw-r----- 1 root root 79 2009-07-12 02:25 /var/log/syslog.log

Anyway the problem is fixed in 3.0.3 ;)

Loading...