nginx logfile group

[rihad]

Is there a way to set up nginx to have a certain group of the current access&error log files?
"user www www" in nginx.conf doesn't do the trick. The actual log files are owned as www:wheel, probably because this is the group of the running master nginx process. Setting nginx_group to a different group in /etc/rc.conf doesn't seem to be applicable either:

⟨name⟩_group
(str) Run the chrooted service under this system group.
Unlike the _user setting, this setting has no effect if the
service is not chrooted.

 

[SirDice]

New files are created using the group from the directory, not from the user's primary group as Linux does.

 

[rihad]

Thanks! Indeed. Some googling revealed:

FreeBSD's open(2)

When a new file is created it is given the group of the directory which
contains it.

Debian's open(2):

The group ownership (group ID) of the new file is set either to the effective group ID of the process (System V semantics) or to the group ID of the parent directory (BSD semantics). On Linux, the behavior depends on whether the set-group-ID mode bit is set on the parent directory: if that bit is set, then BSD semantics apply; otherwise, System V semantics apply. For some filesystems, the behavior also depends on the bsdgroups and sysvgroups mount options described in mount(8)).

Life's hard )

 

[drhowarddrfine]

BSD life is simple.

 

[SirDice]

If you want to change the group you could create a /var/log/nginx directory with www:www ownership and change your log file to /var/log/nginx/access.log.