waldek wrote:
Dnia sobota 13 czerwiec 2009 o 11:05:13 Thomas Bächler napisał(a):
Magnus Therning schrieb:
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now. Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight. It probably should. I'm confused though, it works for me with the group name (as in the default config).
Speaking about confusion - seems to work now with both options:
group("log");
and
group(19);
funny thing is that the "group("log");" is in the default one .conf file, so the logs should have belonged to the log group but they did not - belive me - I am not mad ;-) the only proof I have is this:
[waldek@wolfblade log]$ ll syslog.log* -rw-r----- 1 root log 338 2009-06-13 11:56 syslog.log -rw-r----- 1 root root 5483 2009-06-10 22:02 syslog.log.1 -rw-r----- 1 root root 1131 2009-05-30 09:44 syslog.log.2 -rw-r----- 1 root root 2493 2009-05-27 06:48 syslog.log.3 -rw-r----- 1 root root 875 2009-05-16 09:00 syslog.log.4
I have a newly installed system and I can confirm that all files in /var/log are owned by root:root. A little experiment: 1. stop syslog-ng 2. move aside /var/log/syslog.log (e.g. to /var/log/syslog.log.oldie 3. start syslog-ng 4. check the permissions on /var/log/syslog.log--on my system they were now root:log So, it seems the problem is that the logs in /var/log are created either by an instance of syslog-ng that doesn't have the correct configuration, or by something completely different. There seems to be no way to tickle syslog-ng to modify the group of already existing files :-( I raised bug 15095. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe