Hello, On Sun, Oct 11, 2020 at 02:41:37PM -0700, pe...@easthope.ca wrote: > All of the files and most of the directories in /var/log/ are owned > by root. These are the exceptions. > > root@joule:/var/log# ls -ld {c*,ex*,s*}/ > drwxr-xr-x 2 _chrony _chrony 4096 Jul 22 2017 chrony/ > drwxr-s--- 2 Debian-exim adm 4096 Oct 11 00:00 exim4/ > drwxr-xr-x 2 stunnel4 stunnel4 4096 Jul 16 2019 stunnel4/ > > Comments about the unusual ownerships?
These daemons don't run as root and so to allow them to still log it's easier to just let their log files be owned by their non-root user. There's a few other ways this could have been achieved, but that's probably the simplest. > Most of the group ownerships are root or adm. > > What determines adm or root? adm isn't widely used, and is kind of historical, but is sometimes used for log files that may contain private information. The files/directories are left readable by group adm so that users and tools in that group can read them. Other less sensitive log files are often left group root but world readable. See https://wiki.debian.org/SystemGroups for more info. Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting