It seems my /var/log directory permissions keep getting reset so much as that no user except root can do anything to any of the logs on my system, so I am having various problems trying to get services setup, as many of them need access to the logs and can't read or write. I have also discovered this may have something to do with emerge, because it usually happens after I emerge a package Reproducible: Always Steps to Reproduce: 1. when the permissions are b0rked they are: drwxrws--- root:root /var/log so I reset them with chmod 0775 /var/log 2. emerge any package Actual Results: permissions got changed back to drwxrws--- root:root on /var/log after emerge completed Expected Results: emerge should have left the permissions alone, or this may be a feature for security but I can't see it because so many applications and services depend on being able to write logs here without having root perms! shaun@lust shaun $ emerge info Portage 2.0.51-r3 (gcc34-x86-2004.2, gcc-3.4.3, glibc-2.3.4.20041102-r0, 2.6.9-gentoo-r6 i686) ================================================================= System uname: 2.6.9-gentoo-r6 i686 AMD Athlon(tm) XP 1800+ Gentoo Base System version 1.4.16 Autoconf: sys-devel/autoconf-2.59-r5 Automake: sys-devel/automake-1.8.5-r1 Binutils: sys-devel/binutils-2.15.90.0.1.1-r3 Headers: sys-kernel/linux26-headers-2.6.8.1 Libtools: sys-devel/libtool-1.5.2-r7 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-O2 -march=athlon-xp -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" COMPILER="" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=athlon-xp -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache distlocks sandbox" GENTOO_MIRRORS="http://mirror.datapipe.net/gentoo/ http://gentoo.mirrors.pair.com/ http://mirrors.tds.net/gentoo http://gentoo.netnitco.net http://gentoo.mirrored.ca/ http://adelie.polymtl.ca/" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowex X apm arts avi berkdb bitmap-fonts crypt cups encode f77 foomaticdb fortran gdbm gif gpm gtk imap jpeg libg++ libwww mad maildir mikmod mmx motif mpeg mysql ncurses nls nptl nptlonly oggvorbis opengl oss pam pdflib perl png python quicktime readline sdl slang spell sse ssl svga tcpd threads truetype x86 xml2 xv zlib"
I have managed to locate the issue that is causing this problem myself, It seems that having the PORT_LOGDIR= variable set in /etc/make.conf to the default base /var/log directory is causing the permissions on that directory to be set in the way described. I use portlog-info to view EINFO/EWARN messages and I had set this up as my directory for the logs as I figured they should go here, I have now made a separate directory in /var/log for the per package emerge logs and the problem is cleared up Although I don't believe having the PORT_LOGDIR= variable set should be causing these permissions to be set, and the emerge logs should be set by default to the portage user/group, so they are readable by everyone in that group, not just root. Someone could still look into this. Shaun.
ive never seen/heard of this before do you have any custom scripts in place ?
Regarding which emerge or just general scripts?? I use portlog-info to view the logs generated by having the PORT_LOGDIR= variable set, but I know it's not causing the permissions to be changed because it doesn't create the logs, emerge does... *shrugs* other than emerge setting those perms when the logs are created, I don't know how they get set that way...
It's a result of setting that directory that way. It's unsafe. Use a subdir.
As stated. Use a subdir.