/lib/systemd/system/rsyslog.service
GNU nano 6.2 /lib/systemd/system/rsyslog.service [Unit]
Description=System Logging Service
Requires=syslog.socket
Documentation=man:rsyslogd(8)
Documentation=man:rsyslog.conf(5)
Documentation=https://www.rsyslog.com/doc/
[Service]
Type=notify
ExecStart=/usr/sbin/rsyslogd -n -iNONE
StandardOutput=null
Restart=on-failure
#custom-add 2023.09.12
User=root
Group=root
RuntimeDirectory=/run/syslog_test
RuntimeDirectoryMode=0777
PermissionsStartOnly=True
# Increase the default a bit in order to allow many simultaneous
# files to be monitored, we might need a lot of fds.
LimitNOFILE=16384
[Install]
WantedBy=multi-user.target
Alias=syslog.service
$template remote-incoming-logs,"/run/syslog/index/%HOSTNAME%.log"
*.* ?remote-incoming-logs
& ~
$FileOwner root
$FileGroup root
$FileCreateMode 0777
$DirCreateMode 0777
$Umask 0000
$PrivDropToUser root
$PrivDropToGroup root
в итоге получаю файлы:
-rw-r--r-- 1 root root 3837 Sep 13 18:28 ceres.log
а директория:
drwx------ 2 root root 80 Sep 13 18:28 index/
# ll /run/syslog/
total 0
drwx------ 3 root root 60 Sep 13 18:28 ./
drwxr-xr-x 34 root root 1060 Sep 13 18:28 ../
drwx------ 2 root root 80 Sep 13 18:28 index/
Используется для
NGINX:
# cat /etc/nginx/sites-enabled/syslogs
server { listen 81;
root /run/syslog;
error_log /run/nginx_error.log;
access_log /run/nginx_access.log;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
types {
text/plain log;
}
}
}
если я дам файлам права то я через браузер получаю чтение логов файлов
