I'm not sure what changed recently but Nginx has been saving log files using all sorts of user/group permissions.
The directory structure is as follows:
/srv/logs/domain.ext/access.log
/srv/logs/domain.ext/subdomain/access.log
The directory permissions for both domain.ext and domain.ext/subdomain are identical drwxr-xr-x root:root.
However, in domain.ext the log files are created as root:root 644, where the log files in domain.ext/subdomain are created as www-data:adm 640. Additionally, a small mix of domain.ext/subdomain them are www-data:root 644.
If I adjust the log file location for domain.ext to domain.ext/subdomain it continues to create as root:root 644.
What brought this to my attention was that logrotate was not rotating logs in domain.ext but was in domain.ext/subdomain. Nginx runs as user www-data.
Any idea what would cause this mix up of permissions?