I had a problem with "/var/log/exim4/mainlog" permissions for some days, and I read what it´s stated in bug reports #399930 and #400198.
Anyway, after some days investigating what could be happening, I´m getting to the point where it seems that the problem is not related with the "time frame" between logrotate creates "mainlog" and when it is chowned. What I have checked is that adding the option "nocreate" to "/etc/logrotate.d/exim4" doesn´t prevent the file "mainlog" from being created with the wrong permission in some circunstances. Having a look to the time when the file gets created, and the events recorded in "mainlog", "paniclog" and "syslog", I think the problem is caused by the script "/etc/cron.daily/sysklogd" restarting the syslogd daemon ever day and "/var/log/exim4/mainlog" appearing in "/etc/syslog.conf". You can verify if this could be your case looking at the output from the command "syslogd-listfiles -a" and checking if "/var/log/exim4/mainlog" appears. If it appears, then both syslogd and logrotate are managing your exim log file, and for syslogd, it recreates the file with permissions and ownership "640 root:adm" if it doesn´t exists. For my case, I have removed "/var/log/exim4/mainlog" from "/etc/syslog.conf" and everything seems OK. I don´t know if this is related to the problem but, anyway, I find a bit confusing both syslogd and logrotate managing the same log files. So, I would be very pleased with any fix to bug #379843. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
