I am running nginx-0.7.64 and my nginx.conf includes “user nginx nginx;”
If I rotate logfiles and send SIGUSR1, new logfiles are created owned by
user=nginx group=root (rather than group=nginx as I had expected).
I looked at the source and I think that the problem is in ngx_file.c:
ngx_int_t
ngx_create_pathes(ngx_cycle_t *cycle, ngx_uid_t user)
{
// …
if (fi.st_uid != user) {
if (chown((const char *) path->name.data, user, -1) == -1) {
ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
“chown("%s", %d) failed”,
path->name.data, user);
return NGX_ERROR;
}
}
// …
}
Unfortunately, no group information is passed to this function, so
logfiles are created with the effective(?) gid of the master process
(often root).
Depending on your OS, a work-around may be possible by adding a “create”
line to /etc/lograte.d/nginx, and then setting the group permissions
manually (/bin/chgrp) on the log-files.
Posted at Nginx Forum: