On startup, the file is opened and possibly created as root. On configuration reload, the file is reopened as the configured user. Therefore, the log file should be owned by this user.
---
 src/libcharon/bus/listeners/file_logger.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/libcharon/bus/listeners/file_logger.c b/src/libcharon/bus/listeners/file_logger.c
index d1f180227..cc9bc52eb 100644
--- a/src/libcharon/bus/listeners/file_logger.c
+++ b/src/libcharon/bus/listeners/file_logger.c
@@ -243,6 +243,13 @@ METHOD(file_logger_t, open_, void,
 this->filename, strerror(errno));
 return;
 }
+ if (chown(this->filename, lib->caps->get_uid(lib->caps),
+ lib->caps->get_gid(lib->caps)))
+ {
+ DBG1(DBG_DMN,
+ "changing permissions for file %s failed: %s",
+ this->filename, strerror(errno));
+ }
 #ifdef HAVE_SETLINEBUF
 if (flush_line)
 {
-- 
2.25.2
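Review bot: The added `chown(this->filename, ...)` changes ownership by path rather than on the handle that open_ obtained just before this hunk, so the path is resolved a second time and symlinks are followed. The commit message says this runs as root at startup, so if the log directory is writable by a less privileged account, the object that changes owner may not be the file that was opened. Assuming the earlier open yields a `FILE *` (its name is outside the hunk; `file` here is a placeholder), prefer `if (fchown(fileno(file), lib->caps->get_uid(lib->caps), lib->caps->get_gid(lib->caps)))`, which acts on the already opened descriptor. The log text should also say "changing owner" rather than "changing permissions", since no mode bits are touched. The body of open_ starts and ends outside this hunk, so whether the call is skipped for non-file targets cannot be confirmed from here.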