Just some info: rsyslog never changes file permissions, owner, group, ... It just applies them if it creates the file. If the file is pre-created, rsyslog uses what is present.
Rainer

On Tue, Aug 19, 2014 at 12:56 AM, Jon <[email protected]> wrote:

> Thanks for the privdrop hint. After finding the rsyslog doc I decided
> to keep the benefits of privdrop. I'm testing tweaking the perms of
> the initial log file and attempting to make logrotate play nicely with
> rsyslog.
>
> $ cat /etc/logrotate.d/testvan
> /srv/sdrop/xfer/log/testvan.log {
>     rotate 7
>     missingok
>     notifempty
>     size 500k
>     delaycompress
>     compress
>     create 0460 xfer adm
>     postrotate
>         reload rsyslog >/dev/null 2>&1 || true
>     endscript
> }
>
> On Sun, Aug 17, 2014 at 7:47 PM, David Lang <[email protected]> wrote:
>
> > Try eliminating the privdrop, that can have some 'interesting' interactions
> > with permissions.
> >
> > David Lang
> >
> > On Sun, 17 Aug 2014, Jon wrote:
> >
> >> On an Ubuntu Server 14.04.1 64bit install, I am not able to persuade
> >> rsyslog to create a custom log with correct user and group
> >> ownership.
> >>
> >> The resulting log file (testvan.log) has correct content but has
> >> `syslog:syslog` ownership rather than `xfer:adm` ownership as requested
> >> via `action(...)` in my custom config shown below.
> >>
> >> $ ll -d /srv/sdrop/xfer/log
> >> drwxrwxr-x 2 xfer adm 4096 2014-08-16 13:24:42 /srv/sdrop/xfer/log/
> >>
> >> $ ll /srv/sdrop/xfer/log
> >> -rw-r----- 1 syslog syslog 61 2014-08-16 13:24:42 testvan.log
> >>
> >> I suspect this is my problem rather than rsyslog's but have been
> >> unable to resolve. What am I doing wrong?
> >>
> >> === ENVIRONMENT and CONFIG ===
> >>
> >> $ uname -a
> >> Linux tester 3.13.0-34-generic #60-Ubuntu SMP Wed Aug 13 15:45:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
> >>
> >> $ rsyslogd -N1
> >> rsyslogd: version 7.4.4, config validation run (level 1), master config /etc/rsyslog.conf
> >> rsyslogd: End of config validation run. Bye.
> >> $ echo $?
> >> 0
> >>
> >> $ cat /etc/rsyslog.conf
> >> ...SNIP...
> >> # Set the default permissions for all log files.
> >> #
> >> $FileOwner syslog
> >> $FileGroup adm
> >> $FileCreateMode 0640
> >> $DirCreateMode 0755
> >> $Umask 0022
> >> $PrivDropToUser syslog
> >> $PrivDropToGroup syslog
> >> ...SNIP...
> >> # Include all config files in /etc/rsyslog.d/
> >> #
> >> $IncludeConfig /etc/rsyslog.d/*.conf
> >>
> >> $ cat /etc/rsyslog.d/50-default.conf
> >> ...SNIP...
> >> *.*;auth,authpriv.none,local3.none -/var/log/syslog
> >> ...SNIP...
> >>
> >> # my custom rsyslog configuration to create `/srv/sdrop/xfer/log/testvan.log` content
> >> # when scripted similar to `logger -p local3.info "my custom log message"`
> >> $ cat /etc/rsyslog.d/40-testvan.conf
> >> template(name="testvan" type="string"
> >>     string="[%timegenerated:::date-rfc3339%] %syslogtag%%msg%\n")
> >> local3.* action(type="omfile"
> >>     file="/srv/sdrop/xfer/log/testvan.log" template="testvan"
> >>     fileCreateMode="0640" fileOwner="xfer" fileGroup="adm")
> >>
> >> $ cat /etc/passwd | grep -E '\badm|\bsyslog|\bxfer'
> >> syslog:x:101:103::/home/syslog:/bin/false
> >> xfer:x:1002:1003::/srv/sdrop/xfer:/usr/sbin/nologin
> >>
> >> $ cat /etc/group | grep -E '\badm|\bsyslog|\bxfer'
> >> adm:x:4:jon,syslog
> >> syslog:x:103:
> >> xfer:x:1003:
> >> _______________________________________________
> >> rsyslog mailing list
> >> http://lists.adiscon.net/mailman/listinfo/rsyslog
> >> http://www.rsyslog.com/professional-services/
> >> What's up with rsyslog? Follow https://twitter.com/rgerhards
> >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
> >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
> >> DON'T LIKE THAT.
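Added example, not part of the original thread or of rsyslog: a check of whether a pre-created log file is writable by the privdrop user, using the classic owner/group/other rules and the uid/gid numbers from the `/etc/passwd` and `/etc/group` output quoted above. It assumes the dropped process keeps its supplementary groups and it does not model root, ACLs or capabilities; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: can the privdrop user append to a pre-created log file?
# Assumption: the dropped process keeps its supplementary groups.

# write_class MODE FILE_UID FILE_GID PROC_UID "PROC_GIDS"
# Prints which permission class applies: owner, group or other.
write_class() {
    if [ "$4" -eq "$2" ]; then echo owner; return; fi
    for _g in $5; do
        if [ "$_g" -eq "$3" ]; then echo group; return; fi
    done
    echo other
}

# can_write MODE FILE_UID FILE_GID PROC_UID "PROC_GIDS"
# Returns 0 only if the write bit of the applicable class is set.
can_write() {
    _mode=$((0$1))                      # leading 0 forces octal
    case $(write_class "$@") in
        owner) _bit=$(( _mode & 0200 )) ;;
        group) _bit=$(( _mode & 0020 )) ;;
        *)     _bit=$(( _mode & 0002 )) ;;
    esac
    [ "$_bit" -ne 0 ]
}

# check_log PATH USER: apply the same rule to a real file (GNU stat).
check_log() {
    [ -e "$1" ] || { echo "missing: rsyslog would create $1 itself"; return 2; }
    set -- "$1" "$2" $(stat -c '%a %u %g' "$1")   # mode, owner uid, group gid
    if can_write "$3" "$4" "$5" "$(id -u "$2")" "$(id -G "$2")"; then
        echo "ok: $2 can append to $1"
    else
        echo "denied: $2 cannot write $1 (mode $3)"; return 1
    fi
}

# Values from the thread: syslog uid 101, gids 103 and 4 (adm); xfer uid 1002.
# can_write 0460 1002 4 101 "103 4"   -> allowed via the group class
# can_write 0640 1002 4 101 "103 4"   -> denied, group has read only
```

With a pre-created `xfer:adm` file, mode `0640` leaves the `syslog` user read-only through the `adm` group, while `0460` gives it write access and leaves `xfer` read-only.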

