I asked from the upstream author if this is known issue, and he said
this:
Ubuntu drops privileges, but their config is often not really up
to that. Keep running as root for a test and check if the problem
re-occurs. I guess not.
So I commented out the $PrivDropToUser and
It seems that this was partly my mistake, as the permissions of the fifo
file were wrong. But this means that rsyslog opened the fifo before
dropping privileges and was thus able to open it as root. When the HUP
signal is sent, reopening the fifo fails because rsyslog is no longer
run as root.
I'd like to also add that if the configuration file has changed and you
send rsyslog a HUP the new additions are not acted upon. A
shutdown/restart are needed for the new configuration to take effect.
This is contrary to what the man pages indicates about how rsyslog will
handle a HUP signal.
--