Syslog NG and permissions are a topic on its own – especially if you like to keep your system safe. Imagine, you run a process to parse your syslog files, which you do not want to run as root. Sounds easy?
A first try might be using chmod and chown for adjusting the permissions, but the problem we’re running into is, that syslog-ng corrects the permissions everytime it starts up.
If syslog-ng is able to set permissions, its got to know, what to do. So I went through the manpages and found an interesting part there, which I added to my syslog-ng.conf:
Let’s have a look at the options: perm is the bitmask, syslog-ng aplies to the logfiles, and group sets the group permissions.