Mailing List Archive

On Monday 01 January 2007 10:29, Mike Frysinger wrote:
> how do people feel about transitioning the Gentoo standard system logger
> from running as root/root to adm/adm ?  the latest version of sysklogd
> includes some patches so that it can run as non-root and a user requested
> we make this the default ... however, i certainly dont want to start adding
> a different user/group for each system logger cause that's wicked lame
It would be really nice, especially if the adm group could be used to be able
to read the logs without using root login :)

--
Diego "Flameeyes" Pettenò - http://farragut.flameeyes.is-a-geek.org/
Gentoo/Alt lead, Gentoo/FreeBSD, Video, Sound, ALSA, PAM, KDE, CJK, Ruby ...

Diego 'Flameeyes' Pettenò wrote:
> On Monday 01 January 2007 10:29, Mike Frysinger wrote:
>> how do people feel about transitioning the Gentoo standard system logger
>> from running as root/root to adm/adm ? the latest version of sysklogd
>> includes some patches so that it can run as non-root and a user requested
>> we make this the default ... however, i certainly dont want to start adding
>> a different user/group for each system logger cause that's wicked lame
> It would be really nice, especially if the adm group could be used to be able
> to read the logs without using root login :)
>

Awesome idea Mike. And allowing people to read the logs if they were in
the adm group would be perfect too.

--
Doug Goldstein <cardoe@gentoo.org>
http://dev.gentoo.org/~cardoe/


--
gentoo-dev@gentoo.org mailing list

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mike Frysinger wrote:
> how do people feel about transitioning the Gentoo standard system logger from
> running as root/root to adm/adm ? the latest version of sysklogd includes
> some patches so that it can run as non-root and a user requested we make this
> the default ... however, i certainly dont want to start adding a different
> user/group for each system logger cause that's wicked lame
> -mike

does syslog-ng and metalog have similar functionality?

- --
=======================================================
Mike Doty kingtaco -at- gentoo.org
Gentoo/AMD64 Strategic Lead
Gentoo Council
Gentoo Developer Relations
Gentoo Recruitment Lead
Gentoo Infrastructure
GPG: E1A5 1C9C 93FE F430 C1D6 F2AF 806B A2E4 19F4 AE05
=======================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQCVAwUBRZlJDYBrouQZ9K4FAQLdbgP/QOqeFcCu0zmJ09rWUdFCh3tK59gkhs7R
tCafkQD8zUKiwCwHqMFRQWIUfgjfLn4fOYtcjalu2p4x+//BYEjFIf0trhzOAGRT
8Yxh5zj4KvYJtOJakGKueNmyWtYYlBKuiSZ/9zF4LikVTL7hYQzwobafcBnTU6AY
Y6TvbOBRAdA=
=bXQ9
-----END PGP SIGNATURE-----
--
gentoo-dev@gentoo.org mailing list

On Mon, 01 Jan 2007 09:46:55 -0800
Mike Doty <kingtaco@gentoo.org> wrote:

> does syslog-ng and metalog have similar functionality?

SYNOPSIS
syslog-ng [ -dFsvVy ] [ -f <config-filename> ] [ -p
<pid-filename> ] [ -C <chroot-dir> ] [ -u <user> ] [ -g <group> ]
...
-u <user>, --group=<user>
Switch to user.


I'd have to guess so.
--
gentoo-dev@gentoo.org mailing list

Diego 'Flameeyes' Pettenò kirjoitti:
> On Monday 01 January 2007 10:29, Mike Frysinger wrote:
>> how do people feel about transitioning the Gentoo standard system logger
>> from running as root/root to adm/adm ? the latest version of sysklogd
>> includes some patches so that it can run as non-root and a user requested
>> we make this the default ... however, i certainly dont want to start adding
>> a different user/group for each system logger cause that's wicked lame
> It would be really nice, especially if the adm group could be used to be able
> to read the logs without using root login :)
>

Why not use the wheel group?

Regards,
Petteri

On Monday 01 January 2007 19:38, Petteri Räty wrote:
> Why not use the wheel group?
wheel can su (and sudo usually); you might want to give an user access to the
logs without using wheel group.

--
Diego "Flameeyes" Pettenò - http://farragut.flameeyes.is-a-geek.org/
Gentoo/Alt lead, Gentoo/FreeBSD, Video, Sound, ALSA, PAM, KDE, CJK, Ruby ...

On Mon, 1 Jan 2007 20:14:17 +0100 "Diego 'Flameeyes' Pettenò"
<flameeyes@gentoo.org> wrote:
| On Monday 01 January 2007 19:38, Petteri Räty wrote:
| > Why not use the wheel group?
|
| wheel can su (and sudo usually); you might want to give an user
| access to the logs without using wheel group.

Then don't list them in sudoers or give them the root password.

--
Ciaran McCreesh
Mail : ciaranm at ciaranm.org
Web : http://ciaranm.org/
Paludis is faster : http://ciaranm.org/show_post.pl?post_id=61

On Monday 01 January 2007 12:46, Mike Doty wrote:
> Mike Frysinger wrote:
> > how do people feel about transitioning the Gentoo standard system logger
> > from running as root/root to adm/adm ? the latest version of sysklogd
> > includes some patches so that it can run as non-root and a user requested
> > we make this the default ... however, i certainly dont want to start
> > adding a different user/group for each system logger cause that's wicked
> > lame
>
> does syslog-ng and metalog have similar functionality?

maybe, but no one has this as the default behavior, so ...
-mike

Diego 'Flameeyes' Pettenò wrote:
> It would be really nice, especially if the adm group could be used to be able
> to read the logs without using root login :)

++ on that :)

Greetz Jokey

--
gentoo-dev@gentoo.org mailing list

Petteri Räty wrote:
> Diego 'Flameeyes' Pettenò kirjoitti:
>> It would be really nice, especially if the adm group could be used to be able
>> to read the logs without using root login :)

> Why not use the wheel group?

adm is the standard unix group used to access system logs. there's a
few good reasons you might want to give someone those permissions
without full wheel access.


--
by design, by neglect
dirtyepic gentoo org for a fact or just for effect
9B81 6C9F E791 83BB 3AB3 5B2D E625 A073 8379 37E8 (0x837937E8)

Mike Frysinger wrote:

> On Monday 01 January 2007 12:46, Mike Doty wrote:
>> Mike Frysinger wrote:
>> > how do people feel about transitioning the Gentoo standard system
>> > logger
>> > from running as root/root to adm/adm ? the latest version of sysklogd
>> > includes some patches so that it can run as non-root and a user
>> > requested we make this the default ... however, i certainly dont want
>> > to start adding a different user/group for each system logger cause
>> > that's wicked lame
>>
>> does syslog-ng and metalog have similar functionality?
>
> maybe, but no one has this as the default behavior, so ...
> -mike

Yeah, but it's still a good idea, as others have discussed.

--
gentoo-dev@gentoo.org mailing list

Steve Long wrote:
>> maybe, but no one has this as the default behavior, so ...
>> -mike
>
> Yeah, but it's still a good idea, as others have discussed.
>
Just wanted to apologise for my rudeness there- after all it was your
proposal in the first place. Just been a bit strung out recently, so please
excuse me.


--
gentoo-dev@gentoo.org mailing list