Hi, syslog-ng can be run without root privileges, for that we only need to specify: syslog-ng [ -C <chroot-dir> ] [ -u <user> ] [ -g <group> ] when calling syslog-ng. however, /etc/init.d/syslog-ng calls syslog-ng without any parameters/argument. And there isn't a "sane" way to configure syslog-ng parameters without modifing that init script. I propose the creation of a /etc/conf.d/syslog-ng for configuration of parameters to be passed to syslog-ng on "startup". This would bring syslog-ng to parity with sysklog with respect to "file for startup parameters" feature. =) I also propose that by default, syslog-ng be set to run without root privileges ("minimum necessary privilege by default"). That will imply creating a new user/group for syslog-ng, and changing the owner-ship of: syslog-ng.conf and all default log files that get written by syslog-ng. to this new user/group. Alternatively, this behaviour can be optional, and be enabled if use flag "hardened" is active. Best regards,
patch welcome. *** This bug has been marked as a duplicate of 101387 ***
Created attachment 99473 [details, diff] patch for ebuild file
Created attachment 99474 [details, diff] init script patch
Created attachment 99475 [details] simple syslog-ng confd file..
Hi there, these patches are my first stab at it. I must say that I'm rather unexperienced with ebuild developtment, I could not test this yet.. (no time, busy, busy, busy... and a semi-broken gentoo system :) ) anyway, these patches serve has prototypes. thankyou in advance. best regards,