What files in /var need to have specific owners?

I'd help you out, but I no longer run Gentoo, so here's a faster way to find out than installing a VM. Download the latest tarball to a directory and extract it. Mount proc and dev like you would for an install. Chroot in and install whatever server daemons you've installed; you probably need to start them too. Now run:

find /var ! -user root -ls

This should list all the files not owned by the root user.

If someone else has a Gentoo system, they could help him by just running this command.

Here's a short list from my system (which is Arch Linux, so distance will vary) which might help out.

find /var -maxdepth 2 ! -user root -ls | sed -e 's/^/    &/'
262147    4 drwx------   2 named    named        4096 Jul 22 15:49 /var/named
262151    4 -rw-------   1 named    named         234 Jul 22 15:49 /var/named/127.0.0.zone
262148    4 -rw-------   1 named    named        2938 Jul 22 15:49 /var/named/root.hint
262385    4 -rw-------   1 named    named         190 Jul 22 15:49 /var/named/localhost.zone
526002    4 drwx------   6 griff    users        4096 Aug  1 18:16 /var/tmp/kdecache-griff
529617    4 drwx------   3 kdm      kdm          4096 Aug 11 18:30 /var/tmp/kdecache-kdm
526893    4 drwx------   8 xenoterracide users        4096 Aug 20 10:37 /var/tmp/kdecache-xenoterracide
524523    4 drwxrwx--T   2 daemon   daemon       4096 Feb  4  2010 /var/spool/atd
529085    0 -rw-r--r--   1 named    named           0 Aug 15 03:21 /var/log/named.log
529330   16 -rw-r--r--   1 postgres root        14907 Aug 20 08:51 /var/log/postgresql.log
525625    0 -rw-r--r--   1 named    named           0 Aug  8 03:19 /var/log/named.log.1
524820    0 -rw-r--r--   1 named    named           0 Jul 18 03:19 /var/log/named.log.4
529165    0 -rw-r--r--   1 named    named           0 Jul 25 03:19 /var/log/named.log.3
525956    0 -rw-r--r--   1 named    named           0 Aug  1 03:19 /var/log/named.log.2
524864    4 drwx------   4 mysql    mysql        4096 Jun  1 01:10 /var/lib/mysql
524319    4 drwxr-xr-x   2 named    named        4096 Aug 19 01:04 /var/run/named
524309    4 drwxr-xr-x   2 dbus     dbus         4096 Aug 19 01:04 /var/run/dbus
524436    4 drwxr-xr-x   4 hal      hal          4096 Jun 10 17:47 /var/run/hald

Well, "/var" is generally for data generated by programs, so it may not be possible to tell you exactly who should own what without duplicating your system. I can think of two ways you might fix it:

  1. Set up another version of your web server on a spare or virtual machine and then check /var.
  2. Just change to root/root and then see what errors come up (most of the directories will have this ownership structure).

The downside to 1 is the amount of time it will take; the plus side being that it will be accurate. Item 2 is much faster but less accurate even if it's mostly true. The big problem here is that on an important production box 2 may not be feasible.
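
Once a reference install exists (the chroot from the first answer or the spare machine from the second), its ownership can be compared against the system in question instead of reading two `find` listings by eye. The following is an added example, not part of either answer; it assumes GNU find's `-printf` is used to produce the listings, and the function names and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example. Produce a listing on each system with GNU find, e.g.:
#   find /var -xdev -printf '%u:%g\t%p\n' > var-owners.txt
# Limitation: paths containing tabs or newlines are not handled.

# ownership_diff REF_LISTING CUR_LISTING
# Prints "path<TAB>current<TAB>expected" for every path present in both
# listings whose owner:group differs. Paths that exist in only one listing
# are skipped: runtime data under /var will not exist in a fresh reference
# install, so the reference says nothing about who should own it.
ownership_diff() {
    awk -F '\t' '
        FILENAME == ARGV[1] { ref[$2] = $1; next }   # first file: reference
        ($2 in ref) && ref[$2] != $1 { printf "%s\t%s\t%s\n", $2, $1, ref[$2] }
    ' "$1" "$2"
}

# Constructed sample data (owner names borrowed from the listing above).
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\t%s\n' \
        root:root     /var/log \
        named:named   /var/named \
        mysql:mysql   /var/lib/mysql \
        postgres:root /var/log/postgresql.log > "$tmp/ref"
    printf '%s\t%s\n' \
        root:root /var/log \
        root:root /var/named \
        root:root /var/lib/mysql \
        root:root /var/log/postgresql.log \
        root:root /var/lib/mysql/ibdata1 > "$tmp/cur"
    ownership_diff "$tmp/ref" "$tmp/cur"
    rm -rf "$tmp"
}

demo
```

Review the report before changing anything; files that appear only on the live system still need their owner decided from the parent directory or the daemon's documentation.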