logfiles group ownership

robtinsley nginx-forum at nginx.us
Tue Dec 15 15:59:43 MSK 2009

I am running nginx-0.7.64 and my nginx.conf includes "user nginx nginx;"

If I rotate logfiles and send SIGUSR1, new logfiles are created owned by user=nginx group=root (rather than group=nginx as I had expected).

I looked at the source and I think that the problem is in ngx_file.c:

ngx_create_pathes(ngx_cycle_t *cycle, ngx_uid_t user)
// ...
        if (fi.st_uid != user) {
            if (chown((const char *) path->name.data, user, -1) == -1) {
                ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
                              "chown(\"%s\", %d) failed",
                              path->name.data, user);
                return NGX_ERROR;
// ...

Unfortunately, no group information is passed to this function, so logfiles are created with the effective(?) gid of the master process (often root).

Depending on your OS, a work-around may be possible by adding a "create" line to /etc/lograte.d/nginx, and then setting the group permissions manually (/bin/chgrp) on the log-files.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,30614,30614#msg-30614

More information about the nginx mailing list