[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: Re: [syslog-ng] [EXTERNAL] Re: ACLs with syslog-ng
From: "Faine, Mark R. (MSFC-IS40)[NICS]" <mark.faine () nasa ! gov>
Date: 2021-05-19 15:08:40
Message-ID: SA1PR09MB8253DFBD520D9CFE1A7CC2C4E92B9 () SA1PR09MB8253 ! namprd09 ! prod ! outlook ! com
[Download RAW message or body]
I have tried the backup and restore and it just got to be too complicated. I did not \
know about owner(), if that works it will solve the problem. Currently we're setting \
everything, like this:
perm(0640);
dir-perm(0750);
dir-owner('root');
owner('root');
dir-group('splunk');
group('splunk');
Hopefully, all of those options can be specified with empty parameters. Basically, I \
just need syslog-ng to not do anything with permissions and everything should be \
fine.
-Mark
-----Original Message-----
From: Fabien Wernli <wernli@in2p3.fr>
Sent: Wednesday, May 19, 2021 08:54
To: Faine, Mark R. (MSFC-IS40)[NICS] <mark.faine@nasa.gov>
Cc: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Subject: Re: RE: [EXTERNAL] Re: [syslog-ng] ACLs with syslog-ng
On Wed, May 19, 2021 at 12:24:10PM +0000, Faine, Mark R. (MSFC-IS40)[NICS] wrote:
> No, I can try that, but I don't suspect it will help since the ACLs are there when \
> syslog-ng starts. However, after files are written to or a new file is created, \
> the ACL is lost.
You could backup the acl in setup() and restore it in startup() or something
like that. I thought of something else : did you try using owner() (without
argument) ? According to the docs, it should retain the "original properties of the \
file", although I'm not sure this includes ACLs.
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
[prev in list] [next in list] [prev in thread] [next in thread]