logfiles group ownership
robtinsley
nginx-forum at nginx.us
Tue Dec 15 15:59:43 MSK 2009
I am running nginx-0.7.64 and my nginx.conf includes "user nginx nginx;"
If I rotate logfiles and send SIGUSR1, new logfiles are created owned by user=nginx group=root (rather than group=nginx as I had expected).
I looked at the source and I think that the problem is in ngx_file.c:
ngx_int_t
ngx_create_pathes(ngx_cycle_t *cycle, ngx_uid_t user)
{
// ...
if (fi.st_uid != user) {
if (chown((const char *) path->name.data, user, -1) == -1) {
ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
"chown(\"%s\", %d) failed",
path->name.data, user);
return NGX_ERROR;
}
}
// ...
}
Unfortunately, no group information is passed to this function, so logfiles are created with the effective(?) gid of the master process (often root).
Depending on your OS, a work-around may be possible by adding a "create" line to /etc/lograte.d/nginx, and then setting the group permissions manually (/bin/chgrp) on the log-files.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,30614,30614#msg-30614
More information about the nginx
mailing list