[arch-general] Making logs readable by other user than root
Is there a good HOWTO on making syslog-ng create files with owner:group other than root:root? I'd like to make it possible for some users to read the logs in /var/log. Any good suggestion for an already existing group to use? I was thinking of either log or wheel, any thoughts? /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
Magnus Therning schrieb:
Is there a good HOWTO on making syslog-ng create files with owner:group other than root:root? I'd like to make it possible for some users to read the logs in /var/log.
Any good suggestion for an already existing group to use? I was thinking of either log or wheel, any thoughts?
syslog-ng uses root:log in its default configuration. If it doesn't check /etc/syslog-ng.conf.pacnew and see if the log group exists for you.
Dnia sobota 13 czerwiec 2009 o 09:50:47 Thomas Bächler napisał(a):
Magnus Therning schrieb:
Is there a good HOWTO on making syslog-ng create files with owner:group other than root:root? I'd like to make it possible for some users to read the logs in /var/log.
Any good suggestion for an already existing group to use? I was thinking of either log or wheel, any thoughts?
syslog-ng uses root:log in its default configuration. If it doesn't check /etc/syslog-ng.conf.pacnew and see if the log group exists for you.
interesting, it did not work for me. in the /etc/syslog-ng.conf there was: group("log"); and syslog-ng ignored this setting, I changed it to: group(19); as specified in the man page and it works fine now. regards waldek
waldek wrote:
Dnia sobota 13 czerwiec 2009 o 09:50:47 Thomas Bächler napisał(a):
Magnus Therning schrieb:
Is there a good HOWTO on making syslog-ng create files with owner:group other than root:root? I'd like to make it possible for some users to read the logs in /var/log.
Any good suggestion for an already existing group to use? I was thinking of either log or wheel, any thoughts? syslog-ng uses root:log in its default configuration. If it doesn't check /etc/syslog-ng.conf.pacnew and see if the log group exists for you.
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now.
Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
Magnus Therning schrieb:
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now.
Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight.
It probably should. I'm confused though, it works for me with the group name (as in the default config).
Dnia sobota 13 czerwiec 2009 o 11:05:13 Thomas Bächler napisał(a):
Magnus Therning schrieb:
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now.
Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight.
It probably should. I'm confused though, it works for me with the group name (as in the default config).
Speaking about confusion - seems to work now with both options: group("log"); and group(19); funny thing is that the "group("log");" is in the default one .conf file, so the logs should have belonged to the log group but they did not - belive me - I am not mad ;-) the only proof I have is this: [waldek@wolfblade log]$ ll syslog.log* -rw-r----- 1 root log 338 2009-06-13 11:56 syslog.log -rw-r----- 1 root root 5483 2009-06-10 22:02 syslog.log.1 -rw-r----- 1 root root 1131 2009-05-30 09:44 syslog.log.2 -rw-r----- 1 root root 2493 2009-05-27 06:48 syslog.log.3 -rw-r----- 1 root root 875 2009-05-16 09:00 syslog.log.4 regards waldek
waldek wrote:
Dnia sobota 13 czerwiec 2009 o 11:05:13 Thomas Bächler napisał(a):
Magnus Therning schrieb:
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now. Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight. It probably should. I'm confused though, it works for me with the group name (as in the default config).
Speaking about confusion - seems to work now with both options:
group("log");
and
group(19);
funny thing is that the "group("log");" is in the default one .conf file, so the logs should have belonged to the log group but they did not - belive me - I am not mad ;-) the only proof I have is this:
[waldek@wolfblade log]$ ll syslog.log* -rw-r----- 1 root log 338 2009-06-13 11:56 syslog.log -rw-r----- 1 root root 5483 2009-06-10 22:02 syslog.log.1 -rw-r----- 1 root root 1131 2009-05-30 09:44 syslog.log.2 -rw-r----- 1 root root 2493 2009-05-27 06:48 syslog.log.3 -rw-r----- 1 root root 875 2009-05-16 09:00 syslog.log.4
I have a newly installed system and I can confirm that all files in /var/log are owned by root:root. A little experiment: 1. stop syslog-ng 2. move aside /var/log/syslog.log (e.g. to /var/log/syslog.log.oldie 3. start syslog-ng 4. check the permissions on /var/log/syslog.log--on my system they were now root:log So, it seems the problem is that the logs in /var/log are created either by an instance of syslog-ng that doesn't have the correct configuration, or by something completely different. There seems to be no way to tickle syslog-ng to modify the group of already existing files :-( I raised bug 15095. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
On Sat, Jun 13, 2009 at 09:54:08AM +0100, Magnus Therning wrote:
waldek wrote:
Dnia sobota 13 czerwiec 2009 o 09:50:47 Thomas Bächler napisał(a):
Magnus Therning schrieb:
Is there a good HOWTO on making syslog-ng create files with owner:group other than root:root? I'd like to make it possible for some users to read the logs in /var/log.
Any good suggestion for an already existing group to use? I was thinking of either log or wheel, any thoughts? syslog-ng uses root:log in its default configuration. If it doesn't check /etc/syslog-ng.conf.pacnew and see if the log group exists for you.
interesting, it did not work for me. in the /etc/syslog-ng.conf there was:
group("log");
and syslog-ng ignored this setting, I changed it to:
group(19);
as specified in the man page and it works fine now.
Yes, same here. There should be a bug raised I guess. If no one beats me to it I'll raise on tonight.
Works here. Remember to log out and relogin; see the output of 'groups'.
2009/6/13 Thomas Bächler <thomas@archlinux.org>:
syslog-ng uses root:log in its default configuration. If it doesn't check /etc/syslog-ng.conf.pacnew and see if the log group exists for you.
I'll almost hijack the thread because I have an issue open with log files in a [community] package, mldonkey. This package has a daemon that drops privileges to a local user, usually a physical one, so it has troubles logging. At the moment it logs in /tmp/, and logs get deleted at reboot. An alternative, maybe more appropriate, would be /var/run/mldonkey/, but it has the same issue, and log files should be persistent. I was requested by a user to create a /var/log/mldonkey/ directory and put log files there, owned by the daemon-configured user, however I'm not too fond of the idea of having user-owned files in a system directory like /var/log/, even though in an isolated part of it. Can I have an opinion from developers about this matter? Thanks, Corrado
On Sat, 2009-06-13 at 12:01 +0200, bardo wrote:
I was requested by a user to create a /var/log/mldonkey/ directory and put log files there, owned by the daemon-configured user, however I'm not too fond of the idea of having user-owned files in a system directory like /var/log/, even though in an isolated part of it.
Can I have an opinion from developers about this matter?
That's the only solution if your daemon doesn't log through syslog.
participants (6)
-
Alessandro Doro
-
bardo
-
Jan de Groot
-
Magnus Therning
-
Thomas Bächler
-
waldek