We are attempting to allow multiple users to have read-only access to /var/log/syslog. All the users are in an AD/LDAP group called “DC Backup Hosts”. We can manually chgrp the file to “DC Backup Hosts”, but it is getting overwritten every night when logrotate runs. I have attempted changing the permissions in the /etc/univention/templates/files/etc/resolv.conf file and restarted rsyslog, but that didn’t work. When I look at the /etc/univention/templates/files/logrotate.conf, it is setting the log files to 640 root adm. Since this variable is in the UCR, I have tried changing the logrotate/create variable to 640 root DC Backup Hosts, 640 root “DC Backup Hosts”, 640 root 'DC Backup Hosts', 640 root dc_backup_hosts. Anything with a space in it fails because I am giving too many arguments to the create command. Anything all one word fails with an unknown group.
I think my issue is that the DC Backup Hosts group is an AD group and not defined on the local system in /etc/groups. But then I don’t understand how it works when we manually change it, except we are using the chmod and chgrp commands instead of the logrotate cron job.