Run process with the specified POSIX capability flags.
•If the --no-caps option is not set, and
the host supports CAP_SYSLOG, uses the following capabilities:
"cap_net_bind_service, cap_net_broadcast, cap_net_raw,
cap_dac_read_search, cap_dac_override, cap_chown, cap_fowner=p
•If the --no-caps option is not set, and
the host does not support CAP_SYSLOG, uses the following capabilities:
cap_net_raw,cap_dac_read_search, cap_dac_override, cap_chown, cap_fowner=p
/usr/sbin/syslog-ng -Fv --caps cap_sys_admin,cap_chown,cap_dac_override,cap_net_bind_service,cap_fowner=pi
Note that the capabilities are not case sensitive, the following
command is also good: /usr/sbin/syslog-ng -Fv --caps
For details on the capability flags, see the following man pages:
cap_from_text(3) and capabilities(7)
--cfgfile <file> or -f <file>
Use the specified configuration file.
--chroot <dir> or -C <dir>
Change root to the specified directory. The configuration
file is read after chrooting so, the configuration file must be available
within the chroot. That way it is also possible to reload the syslog-ng
configuration after chrooting. However, note that the --user and
--group options are resolved before chrooting.
--control <file> or -c <file>
Set the location of the syslog-ng control socket. Default
--debug or -d
Start syslog-ng in debug mode.
Enable syslog-ng to write core files in case of a crash
to help support and debugging.
Set the minimal number of required file descriptors
(fd-s). This sets how many files syslog-ng can keep open simultaneously.
Default value: 4096. Note that this does not override the global ulimit
setting of the host.
--foreground or -F
Do not daemonize, run in the foreground. When running in
the foreground, starts from the current directory ($CWD) so it can
create core files (normally, starts from $PREFIX/var).
--group <group> or -g <group>
Switch to the specified group after initializing the
--help or -h
Display a brief help message.
Display the list and description of the available
modules. Available only in and later.
Run syslog-ng as root, without capability-support. This
is the default behavior. On Linux, it is possible to run syslog-ng as non-root
with capability-support if syslog-ng was compiled with the
option enabled. (Execute syslog-ng --version
to display the list of enabled build parameters.)
To run with specific capabilities, use the --caps
--persist-file <persist-file> or -R
Set the path and name of the syslog-ng.persist file where
the persistent options and data are stored.
--pidfile <pidfile> or -p <pidfile>
Set path to the PID file where the pid of the main
process is stored.
After processing the configuration file and resolving
included files and variables, write the resulting configuration into the
specified output file. Available only in and later.
Sets how to run syslog-ng: in the foreground
(mainly used for debugging), in the background as a daemon, or in
safe-background mode. By default, syslog-ng runs in
safe-background mode. This mode creates a supervisor process called
supervising syslog-ng , that restarts syslog-ng if it crashes.
--stderr or -e
Log internal messages of syslog-ng to stderr. Mainly used
for debugging purposes in conjunction with the --foreground option. If
not specified, syslog-ng will log such messages to its internal source.
--syntax-only or -s
Verify that the configuration file is syntactically
correct and exit.
--user <user> or -u <user>
Switch to the specified user after initializing the
configuration file (and optionally chrooting). Note that it is not possible to
reload the syslog-ng configuration if the specified user has no privilege to
create the /dev/log file.
--verbose or -v
Enable verbose logging used to troubleshoot
--version or -V
Display version number and compilation information, and
also the list and short description of the available modules. For detailed
description of the available modules, see the --module-registry
Sets the number of worker threads can use, including the
main thread. Note that certain operations in can use threads that are not
limited by this option. This setting has effect only when is running in
multithreaded mode. Available only in and later. See The 3.28 Administrator
Guide for details.