[Catalyst] Using Log4perl under Apache, logs created with root for owner & group

[Matt S Trout]

Ian MacDonald wrote:
> Hi all,
>  
> I've just switched our logging to use Catalyst::Log::Log4perl and have a 
> problem because the logs are being created with owner & group of root. 
> Logging occurs ok during request handling (not sure why as apache is run 
> by user apache) but we have some jobs which take too long to complete so 
> are forking other scripts to handle them (simply using system()), and 
> these scripts (which are also run by apache) fail to open the logs due 
> to permission error.
>  
> I've can work around it for now by setting umask to 0000 in the Log4perl 
> config file but this is obviously not ideal, and I'd also like to hear 
> if there's a better/more Catalyst way of handling my long jobs.

Apache starts off as root, then setuid's to the appropriate user. Of course by 
that point it already has a filehandle to the logfile open.

The trick on a *n?x box is simple - chgroup the directory to the group apache 
runs as and turn the setgid bit on on the directory so all files created 
within it get that group ownership.

-- 
      Matt S Trout       Offering custom development, consultancy and support
   Technical Director    contracts for Catalyst, DBIx::Class and BAST. Contact
Shadowcat Systems Ltd.  mst (at) shadowcatsystems.co.uk for more information

+ Help us build a better perl ORM: http://dbix-class.shadowcatsystems.co.uk/ +