I've included a previous post that is related to my issue. I work with Justin Ross who provided the answer in the thread below. What Justin and I are trying to figure out is if there is a way to "configure" the permissions on the modsec_audit.log? It seems to always get root:root as owner:group and mode 640:
-rw-r----- 1 root root 21312 Apr 21 09:11 modsec_audit.log Does anyone know of a directive or way to change this? I haven't found one. We would like to set the group to something other than "root" which would allow another restricted process to read the file without elevating permissions to root or being made part of the root group. Any ideas? thanks! -pat. On Thu, Dec 25, 2014 at 02:49:51PM +0000, Ross, Justin wrote: > Make sure the files are owned by the apache or web or whatever user you have > running apache. > > Justin > > On Dec 25, 2014, at 7:24 AM, "Ilyass Kaouam" > <ilyassi...@gmail.com<mailto:ilyassi...@gmail.com>> wrote: > > Hi, > > What this message mean : > > Message: collections_remove_stale: Failed to access DBM file > "/var/lib/mod_security/global": Permission denied > > Message: collections_remove_stale: Failed to access DBM file > "/var/lib/mod_security/ip": Permission denied > > How can I fix it ? > Thank you. > -- > Ilyass kaouam > Systems administrator at Inforisk Group Finaccess > European Masters in Information Technology > Portable : (212) 6 34 57 14 36 > http://www.inforisk.ma > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org<mailto:Owasp-modsecurity-core-rule-set@lists.owasp.org> > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
