On Sat, Jun 05, 2004 at 06:21:29PM +1000, Darren Reed wrote: > ...and this works in the case of SIGHUP too ? > > i.e. re-read syslogd.conf and can open new files r/w root only ? Syslogd(8) does NOT run as root by the time log files are openned at startup or a reconfig (SIGHUP). As I stated in the original message, the log files will have to be writable by the user. Same goes for writting messages to users via their ttys. Although having things set up otherwise is probably rare, make sure that the user can read the configuration file. What do we do while still root? Open the UNIX domain log sockets (/var/run/log and any others specified) and open the network socket (514/udp by default or whatever specified). The PID file is also written while still root. I'm thinking of writing a "conversion" script to make the required changes. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"