Description of problem: /var/log/suricata is has a group of suricata but is not group readable by default. It would be useful for utilities that monitor the logs to gain access by being part of the suricata group without yum post actions. Please consider making this directory group readable by default. The files contained within are already group readable by default.
In the spec file, we have: attr(750,suricata,root) %dir %{_var}/log/%{name} Are you wanting it to be: %attr(750,suricata,suricata) %dir %{_var}/log/%{name}
Yes, exactly.