On Thu, 2012-09-06 at 11:32 +0300, Josh Amishav-Zlatin wrote: > On Thu, Sep 6, 2012 at 11:23 AM, Arthur Dent > <misc.li...@blueyonder.co.uk> wrote: > > > What permissions do you have set on /var/log/httpd? > > > # ll /var/log/httpd/ > total 6192 > -rw-r--r--. 1 root root 29601 Sep 6 08:18 access_log > -rw-r--r--. 1 root root 44859 Sep 2 03:00 > access_log-20120902 > -rw-r--r--. 1 root root 75682 Sep 6 09:10 error_log > -rw-r--r--. 1 root root 79184 Sep 2 03:17 > error_log-20120902 > -rw-r-----. 1 root root 3308100 Sep 6 09:08 modsec_audit.log > -rw-r-----. 1 root root 66836 Sep 1 23:51 > modsec_audit.log-20120902 > -rw-r-----. 1 root root 0 Aug 30 22:33 modsec_debug.log > -rw-r--r--. 1 root root 495778 Sep 6 09:21 ssl_access_log > -rw-r--r--. 1 root root 92901 Sep 1 23:51 > ssl_access_log-20120902 > -rw-r--r--. 1 root root 1422284 Sep 6 09:10 ssl_error_log > -rw-r--r--. 1 root root 17524 Sep 1 23:40 > ssl_error_log-20120902 > -rw-r--r--. 1 root root 522896 Sep 6 09:21 ssl_request_log > -rw-r--r--. 1 root root 106676 Sep 1 23:51 > ssl_request_log-20120902 > > > > Hi, > > > The Apache user needs to be able to access this directory. You need to > adjust the parent directory permissions accordingly.
Hi Josh, thanks for helping... Surely apache can access the directory - after all it writes to access_log and error_log and modsecurity (through httpd) writes to modsec_audit.log ? Could this be a selinux problem? # ls -laZ /var/log drwx------. root root system_u:object_r:httpd_log_t:s0 httpd # ls -laZ /var/log/httpd/ drwx------. root root system_u:object_r:httpd_log_t:s0 . drwxr-xr-x. root root system_u:object_r:var_log_t:s0 .. -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 access_log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 access_log-20120902 -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 error_log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 error_log-20120902 -rw-r-----. root root system_u:object_r:httpd_log_t:s0 modsec_audit.log -rw-r-----. root root system_u:object_r:httpd_log_t:s0 modsec_audit.log-20120902 -rw-r-----. root root system_u:object_r:httpd_log_t:s0 modsec_debug.log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_access_log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_access_log-20120902 -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_error_log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_error_log-20120902 -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_request_log -rw-r--r--. root root system_u:object_r:httpd_log_t:s0 ssl_request_log-20120902
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
