From 3e713bb52ef86df6eb7502146ca909d494512a70 Mon Sep 17 00:00:00 2001
From: yinw
Date: Fri, 26 Feb 2016 18:37:26 +0800
Subject: [PATCH 1/2] rsyslog drops privileges to root

---
 Deploy/log/Dockerfile | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Deploy/log/Dockerfile b/Deploy/log/Dockerfile
index 246746c6b..53a8a6de0 100644
--- a/Deploy/log/Dockerfile
+++ b/Deploy/log/Dockerfile
@@ -8,6 +8,8 @@ RUN mv /etc/cron.daily/logrotate /etc/cron.hourly/ \
  && sed 's/#$UDPServerRun 514/$UDPServerRun 514/' -i /etc/rsyslog.conf \
  && sed 's/#$ModLoad imtcp/$ModLoad imtcp/' -i /etc/rsyslog.conf \
  && sed 's/#$InputTCPServerRun 514/$InputTCPServerRun 514/' -i /etc/rsyslog.conf \
+ && sed 's/$PrivDropToUser syslog/$PrivDropToUser root/' -i /etc/rsyslog.conf \
+ && sed 's/$PrivDropToGroup syslog/$PrivDropToGroup root/' -i /etc/rsyslog.conf \
  && rm /etc/rsyslog.d/*

 # logrotate configuration file for docker
@@ -20,5 +22,5 @@ VOLUME /var/log/docker/

 EXPOSE 514

-CMD cron && chown -R syslog:syslog /var/log/docker/ && rsyslogd -n
+CMD cron && rsyslogd -n

From 2db455dcd14eacaac94863ac930ccacfa313051f Mon Sep 17 00:00:00 2001
From: yinw
Date: Mon, 29 Feb 2016 10:14:01 +0800
Subject: [PATCH 2/2] remove dropto lines

---
 Deploy/log/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Deploy/log/Dockerfile b/Deploy/log/Dockerfile
index 53a8a6de0..18a86b0af 100644
--- a/Deploy/log/Dockerfile
+++ b/Deploy/log/Dockerfile
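Review bot: The two added `$PrivDropToUser root` / `$PrivDropToGroup root` substitutions in the first hunk of [PATCH 1/2] leave rsyslogd running as root while it accepts messages on the exposed port 514 over both TCP and UDP, so a flaw in message parsing would be exercised with full privileges inside the container. The second hunk drops `chown -R syslog:syslog /var/log/docker/` from `CMD`, which only works because of that, and [PATCH 2/2] presumably reaches the same state by commenting the directives out. If the underlying problem is write access to the `/var/log/docker/` volume, I would keep the drop to `syslog` and fix ownership of the volume instead; if root is really required, a comment above the `RUN` such as `# rsyslogd stays root because <reason>` would tell the next reader it is deliberate. The `RUN` instruction starts above the hunk.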
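Review bot: The shell-form `CMD cron && rsyslogd -n` in the second hunk of [PATCH 1/2] keeps `sh -c` as PID 1 with rsyslogd as its child, so, depending on the image's shell, the SIGTERM from `docker stop` is likely not delivered to rsyslogd and it is killed after the timeout without flushing queued messages. `CMD cron && exec rsyslogd -n` would let rsyslogd replace the shell and handle the signal itself.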
@@ -8,8 +8,8 @@ RUN mv /etc/cron.daily/logrotate /etc/cron.hourly/ \
  && sed 's/#$UDPServerRun 514/$UDPServerRun 514/' -i /etc/rsyslog.conf \
  && sed 's/#$ModLoad imtcp/$ModLoad imtcp/' -i /etc/rsyslog.conf \
  && sed 's/#$InputTCPServerRun 514/$InputTCPServerRun 514/' -i /etc/rsyslog.conf \
- && sed 's/$PrivDropToUser syslog/$PrivDropToUser root/' -i /etc/rsyslog.conf \
- && sed 's/$PrivDropToGroup syslog/$PrivDropToGroup root/' -i /etc/rsyslog.conf \
+ && sed 's/$PrivDropToUser syslog/#$PrivDropToUser syslog/' -i /etc/rsyslog.conf \
+ && sed 's/$PrivDropToGroup syslog/#$PrivDropToGroup syslog/' -i /etc/rsyslog.conf \
  && rm /etc/rsyslog.d/*

 # logrotate configuration file for docker
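Review bot: Nothing in this `RUN` chain checks that the two new substitutions actually matched, so the account rsyslogd ends up running under depends silently on the exact text of the base image's `/etc/rsyslog.conf`. sed exits 0 when no line matches, and the unanchored pattern would also rewrite a line that is already commented. Anchoring the match and asserting the end state makes the build fail instead of drifting, e.g. `sed 's/^\$PrivDropToUser syslog/#&/' -i /etc/rsyslog.conf` (same for the group line) followed by `&& ! grep -q '^\$PrivDropTo' /etc/rsyslog.conf`. The `RUN` instruction starts above the hunk.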