Daniel John Debrunner wrote:
In RollingFileAppender.rollOver() after a successful roll over is this
code to create the new active file:
187 if (renameSucceeded) {
188 try {
189 // This will also close the file. This is OK since multiple
190 // close operations are safe.
191 this.setFile(fileName, false, bufferedIO, bufferSize);
192 nextRollover = 0;
193 }
Note that false is always passed as the append mode at line 191
regardless of the value of the append property. This possibly causes
issues when running with SELinux and restricted file permissions as the
process now needs write permission, rather than just append. Allowing
just append ensures a process cannot overwrite its log file. I see this
has been raised back in 2004,
http://markmail.org/message/gfgz5nxatnd2akkx
but with no answer, and there does not seem to be a bugzilla entry for
it. I do see that RollingFileAppender overrides setFile() and uses the
append flag in that method, so maybe any fix is not as easy as changing
false to 'append' at line 191.
Any justification for dropping of the append status?
Hello Dan,
After a rollover, a new file has been created which necessarily of size zero on
account of it being new. The point about the appender needing write permissions
is interesting but isn't write permission already required to rename the file as
is done during roll over?
Thanks,
Dan.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
