Setgid sticky bit not working

acl permissions rsyslog setgid

I have yet another frustrating problem. I have a group of users belonging to the "testing" group. I have a folder located at /var/log/projects with the setgid bit set. This is so any new files or folders that get created in /projects will always retain the group ownership of "testing".

[root@system log]# ll | grep projects
drwxr-s---. 4 root   testing     4096 Jun 10 19:36 projects

When I touch a file or create a folder in that directory they inherit the correct perms and ownership.

[root@system log]# touch /var/log/projects/testfile
[root@system log]# ll /var/log/projects/
total 4
-rw-r--r--. 1 root testing    0 Jun 10 19:49 testfile

And when I create a new folder it works as expected.

[root@system projects]# mkdir folder1
[root@system projects]# ll
total 8
drwxr-sr-x. 2 root testing 4096 Jun 10 19:52 folder1
-rw-r--r--. 1 root testing    0 Jun 10 19:49 testfile

So far so good. However, I am using this folder for remote syslogs from other systems. When I start the rsyslogd service, any folders or files created by that process inherit the ownership of root:root.

drwx--S---. 2 root root 4096 Jun 10 19:44 remotehost

I was under the impression that the purpose of the setgid bit was for my use case. Can anyone tell me what I am doing wrong or how I can fix this so that any folders/files created by the rsyslogd process have the group ownership of "testing"? This is on a RHEL 6 server.

Best Answer

The method you made would work with programs that don't specifically manage their output permissions and ownership, but rsyslogd does.

Rsyslogd's output module documentation page shows that you can use the fileGroup [groupName] configuration directive to set the default value for the output file's group.
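A configuration sketch of what the answer describes, added here as an example and not taken from the answer or from the rsyslog project. It assumes the legacy `$Directive` syntax used by the rsyslog 5.x series on RHEL 6; the template name `RemoteHostLog` and the per-host file layout are assumptions.

```conf
# /etc/rsyslog.conf (fragment)
# Legacy directives apply to the file actions defined AFTER them,
# so they must appear before the rule that writes under /var/log/projects.

# Ownership rsyslogd sets explicitly on every log file it creates.
# Because rsyslogd sets the group itself, the setgid bit on the parent
# directory does not decide the group; $FileGroup does.
$FileOwner root
$FileGroup testing
# Group-readable, not world-readable (remote logs often carry sensitive data).
$FileCreateMode 0640

# Ownership and mode for directories rsyslogd creates on demand
# (for example one directory per remote host).
$DirOwner root
$DirGroup testing
# Matches the parent's rwxr-x--- bits; the setgid bit itself is inherited
# from /var/log/projects, as the "drwx--S---" listing in the question shows.
$DirCreateMode 0750

# Hypothetical dynamic file name: one directory per sending host.
$template RemoteHostLog,"/var/log/projects/%HOSTNAME%/messages.log"

# Write all messages through the template above.
*.* ?RemoteHostLog
```

Restart rsyslogd after the change. These settings are applied when rsyslogd creates a file or directory, so anything already created as root:root has to be corrected once by hand, for example with `chgrp -R testing /var/log/projects`.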
