On my system (14.04), I'm not using www-data as the owner of nginx and php-fpm, using web instead.
(for the curious: 1. because www-data is a ugly name, 2. for not using a user that everyone knows is the default).
AFAIK, all necessary settings have been changed accordingly (while www-data is still a valid user in /etc/passwd)
- nginx setup
- php-fpm setup
/etc/logrotate.d/nginxdoingcreate 0640 web adminstead
Doing a grep -r www-data /etc/* shows only some lines for the user files (passwd, shadow...) - nothing else.
Yet, every now and then, for some reason, access to /var/log/nginx is back to www-data:adm.
It seems to be related to logrotate though its settings have been changed, and the grep shows no relevant match.
Is there something else to look to ensure /var/log/nginx will be set to web:adm for good, and not set back to www-data:adm some time in the future?
1 Answer
Use dpkg-statoverride to change the user and group for /var/log/nginx as the change is most likely happen in postinst script on every package update.
