Syslog NG and permissions

Syslog NG and permissions are a topic on its own – especially if you like to keep your system safe. Imagine, you run a process to parse your syslog files, which you do not want to run as root. Sounds easy?

A first try might be using chmod and chown for adjusting the permissions, but the problem we’re running into is, that syslog-ng corrects the permissions everytime it starts up.

If syslog-ng is able to set permissions, its got to know, what to do. So I went through the manpages and found an interesting part there, which I added to my syslog-ng.conf:

options { .... perm(0640); group(wheel); .... };

Let’s have a look at the options: perm is the bitmask, syslog-ng aplies to the logfiles, and group sets the group permissions.

StarBlog

Author: ToeiRei

Leave a Reply