Logfile permissions and ntp group
Gary E. Miller
gem at rellim.com
Tue Jun 7 23:27:54 UTC 2016
Yo Hal!
On Tue, 07 Jun 2016 16:17:38 -0700
Hal Murray <hmurray at megapathdsl.net> wrote:
> esr at thyrsus.com said:
> > You are suggesting that this is not so - that as long as we open
> > log files before privilege-dropping the ntp user/group pair isn't
> > necessary at all. If true I would mildly prefer to do things that
> > way, it's simpler.
>
> There are 2 types of "log" files. There is ntpd.log and there are
> several stats files.
Plus the driftfile. It is not exactly a log or stats.
> ntpd.log gets opened while still root. It doesn't cooperate with
> logrotate yet, but we should set things up so that will work.
> ntpd.log should probably be in /var/log/ntpstats/ so ntp can own that
> directory. That may be unnecessary if logrotate makes the new file.
logrotate does not make files, it restarts ntpd, so ntpd can make
the new file. Which has all the problems of restarting ntpd.
> I find it handy to have all the ntp logging in one directory.
Yes, I like that.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160607/d1267c05/attachment.bin>
More information about the devel
mailing list