On 2/8/2010 7:54 AM, Ola Lundqvist wrote: >> /var/log/access.log is writeable by everyone. The following would fix that: > > The file or the directory? > > My file has the following permission: > drwxr-xr-x 2 ntop root 89 May 10 2009 . > drwxr-xr-x 15 root root 4096 Feb 8 01:21 .. > -rw------- 1 ntop ntop 0 May 10 2009 access.log > -rw------- 1 ntop ntop 1495082 May 8 2009 access.log.1.gz > -rw------- 1 ntop ntop 263209 May 6 2009 access.log.2.gz > -rw------- 1 ntop ntop 50469 Nov 12 2006 access.log.3.gz
Maybe you did that yourself sometime in the past? After installation (not upgrade) on two independent Lenny systems: - aptitude install ntop - ntop -A - /etc/init.d/ntop start my log directory looks like this: drwxr-xr-x 2 ntop root 4096 2010-01-27 11:18 . drwxr-xr-x 12 root root 4096 2010-01-27 11:17 .. -rw-rw-rw- 1 root root 0 2010-01-27 11:18 access.log >> + chown -Rf $USER: /var/log/ntop > > Why changing this? Why the ':' character? To make the group of the directory the primary group of the user (i.e. ntop) we just chowned to. >> +# content of log dir inherits group permission >> +chmod g+s,o= /var/log/ntop > > Why do you want to inherit the root group permissions? Because the files need to be writeable to ntop. After the above, files will belong to group ntop (like the directory). So ntop will be able to access (read/write) them. JM -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
