On Wed, 16 Nov 2005, Brad Plant wrote:
> I ran syslog-ng as a non-root user once before, but now I run it as
> root. From what I can remember, syslog-ng opened /proc/kmsg before
> dropping privileges, however when you sent the HUP signal (i.e. after
> running logrotate) it closed all the files and reopened them again.
> Because it no longer had root permissions, it couldn't
> reopen /proc/kmsg.
Why did you rotate yourself your log ?
You better use MACRO like :
destination full {
file("/var/log/full/full_$YEAR.$MONTH.$DAY.log" log_fifo_size(1000)
dir_perm(0755) create_dirs(yes));
file("/dev/tty12");
};
destination full_net {
file("/var/log/net/net_$HOST.$YEAR/$MONTH.$DAY.log" dir_perm(0755)
create_dirs(yes));
};
Its better usable :-)
--
Jerome POGGI [EMAIL PROTECTED]
Herve Schauer Consultants -=- Consultant Sécurité Informatique, CISSP
http://www.hsc.fr/ Tèl : +33 141 409 700
--
gentoo-security@gentoo.org mailing list
