# [SOLVED] /var/log/messages, permission issues

## gr650

Does anybody have an idea why /var/log/messages (my default logfile)

changes its permissions to 600 and owner to 'root' after every reboot?

I'd like to run root-tail on this file as user, but of course, root-tail can't read 

the file if it's set as above. Changing it manually works until next reboot, but

that's too tedious to change it every time. My logger is syslog-ng. 

Any ideas would be much appreciated.Last edited by gr650 on Sun Mar 13, 2005 2:43 am; edited 1 time in total

----------

## TheRAt

Change the settings in your logging software, eg. if you are using syslog-ng then you could alter the config (/etc/syslog-ng/syslog-ng.conf) as follows:

```
destination messages { file("/var/log/messages" owner(root) group(wheel) perm(0640)); };
```

That will mark the /var/log/messages file with owner=root, group=wheel and permissions=0640 (-rw-r-----). This would allow any user in the wheel group to be able to read the file.

----------

## gr650

Thanks for that, it works now :-) And at least I've learnt how to check the 

HTML documentation provided on my system.

After changing the line as mentioned above, I found that syslog-ng was still

refusing to log to any different file than /var/log/messages. However,

a thorough check of /etc/syslog-ng/syslog-ng.conf revealed that there 

was another entry overriding the first one I had changed. I commented the 

second one and everything works as expected.

```

destination messages { file("/var/log/messages" owner(root) group(wheel) perm(0640)); };  #<-- The line I changed

destination authlog { file("/var/log/auth.log"); };

destination syslog { file("/var/log/syslog"); };

destination cron { file("/var/log/cron.log"); };

destination daemon { file("/var/log/daemon.log"); };

destination kern { file("/var/log/kern.log"); };

destination lpr { file("/var/log/lpr.log"); };

destination user { file("/var/log/user.log"); };

destination mail { file("/var/log/mail.log"); };

destination mailinfo { file("/var/log/mail.info"); };

destination mailwarn { file("/var/log/mail.warn"); };

destination mailerr { file("/var/log/mail.err"); };

destination newscrit { file("/var/log/news/news.crit"); };

destination newserr { file("/var/log/news/news.err"); };

destination newsnotice { file("/var/log/news/news.notice"); };

destination debug { file("/var/log/debug"); };

#destination messages { file("/var/log/messages"); };       #<-- the line overriding the change above

destination console { usertty("root"); };

destination xconsole { pipe("/dev/xconsole"); };

```

----------

