diff --git a/manifests/config.pp b/manifests/config.pp
index a12b613..a15586d 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -4,16 +4,22 @@
 class stunnel::config {
   include stunnel::data
 
-  $stunnel_dirs = [
+  $stunnel_config_dirs = [
     $stunnel::data::config_dir,
-    $stunnel::data::conf_d_dir,
-    $stunnel::data::log_dir,
+    $stunnel::data::conf_d_dir
   ]
 
-  file { $stunnel_dirs:
-    ensure => directory,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0555',
+  file {
+    $stunnel::data::log_dir:
+      ensure => directory,
+      owner  => $stunnel::data::setuid,
+      group  => $stunnel::data::setgid,
+      mode   => '0755';
+
+    $stunnel_config_dirs:
+      ensure => directory,
+      owner  => 'root',
+      group  => 'root',
+      mode   => '0555';
   }
 }
diff --git a/manifests/data.pp b/manifests/data.pp
index 0464ba3..7b25b5a 100644
--- a/manifests/data.pp
+++ b/manifests/data.pp
@@ -33,8 +33,8 @@
       $conf_d_dir = '/etc/stunnel/conf.d'
       $cert_dir = '/etc/stunnel/certs'
       $log_dir = '/var/log/stunnel4'
-      $setgid = 'root'
-      $setuid = 'root'
+      $setgid = 'stunnel4'
+      $setuid = 'stunnel4'
 
       if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '15.04') >= 0) or
          ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8.0') >= 0) {