Link to home
Create AccountLog in
Avatar of Raymond Barber
Raymond Barber

asked on

log files

I have a file called /var/log/secure. I have changed the permissions to 640 however, every morning it changes back to 644. I checked the logrotate config and that is also set at 640. What is the problem here?
Avatar of Jason Carson
Jason Carson
Flag of Canada image

Is there anything being run every morning via cron that could be causing it?
Avatar of arnold
Within logrotate when it rotates, do you have it set the permissions to create the file if not, the permissions are set when the first event is sent to syslog/rsyslog or ssh creates the file at which the unmask settings which are commonly 022 is what results in the new files permission settings.
Have you given thought to setting the permission on the log to 751 or 750?
Avatar of noci
noci

@arnold, why would the x bit be needed? Do like the files to be executable?
For files the default create mask = 666 with umask 022 => 644.

Setting umask to 026 in the startupscript of the syslog daemon would solve the issue.  from that side
Otherwise explicitely creating the file from logrotate with touch, and then chmodding them to 640 BEFORE restarting syslog daemon may help as well.
ASKER CERTIFIED SOLUTION
Avatar of arnold
arnold
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of Raymond Barber

ASKER

Thanks Arnold. As a part of our global policy I need to have the file structure set this way. I am not a fan just following the rules. Thanks for the feedback much appreciated.