Aitor San Juan wrote:

I have a shell script whose execution is scheduled by CRON. The
command scheduled is of the form:

50 23 * * 1-5 /apps/batch/cronjobs/ >
/apps/batch/logs/bd_backup.log 2>&1

This shell script runs under the id of root. The file permissions of
the log file created are 644 (owner: root, group: wheel). I'd like that
the file permissions of the log created be 600 (or 640 maximum). How
could I accomplish this? This is probably related to "umask", but I
don't dare changing anything in case that change could affect some
other security configuration as a side effect.

What would you recommend?
One solution: write a simple wrapper shell script for this which:
a) creates the backup.log file, deleting any existing (> backup.log would probably do) b) changes the permissions to the ones you want with chmod, chgrps etc. etc. c) runs /apps/batch/cronjobs/ >> /apps/batch/logs/bd_backup.log 2>&1
     I.e. appends output to the file you just blanked.

Two solution: Always use >> in your cron job, then set up the backup.log to be rotated through newsyslog which can set the permissions correctly. You probably need to create a balnk file with the correct permission once to seed the the process or use newsyslog -C. See the man page for more info.

Solution one is easier, solution two also gets you a more permanent record of how the command ran, rather than losing it every day.


_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to