Thanks David for your response. That is exactly what I thought, but my
logs got rotated on the 12th but the permissions still were 600 instead of
644. Looks like logrotate also did not change the permissions. Here is my
/etc/logrotate.d/syslog file:
--
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
create 0644 root root
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null ||
true
endscript
}
--
Thanks.
On Wed, May 15, 2013 at 9:16 PM, David Lang <[email protected]> wrote:
> On Wed, 15 May 2013, Jagga Soorma wrote:
>
> Hey Guys,
>>
>> I am trying to push a configuration change to all my linux servers running
>> rsyslog to make sure /var/log/messages is chmod'd to 644 and the change I
>> am making in rsyslog.conf is:
>>
>> --
>> $umask 0022 # FileCreationMode defaults to 644, so does not need to be
>> modified
>> *.info;mail.none;authpriv.**none;cron.none
>> /var/log/messages
>> $umask 0077 # Reset the umask so /var/log/secure stays 600
>> --
>>
>> I am also adding "create 0644 root root" in the /etc/logrotate.d/syslog
>> file. However, when I restart rsyslog the permissions don't change. I
>> have to remove (rm) the /var/log/messages file and then restart rsyslog in
>> order for it to make this permission change. I need to do this on 100's
>> of
>> servers via puppet and don't want to rm the /var/log/messages file. Is
>> there something I am missing. I have been able to do this easily with
>> syslog-ng on sles servers but can't get it to work on rsyslog servers.
>>
>> Any help would be greatly appreciated.
>>
>
> The easiest thing would be to change the rsyslog config and restart it,
> then just wait for your regular file rotation to move the /var/log/messages
> file. When rsyslog recreates it, it will use the new permissions.
>
> David Lang
> ______________________________**_________________
> rsyslog mailing list
> http://lists.adiscon.net/**mailman/listinfo/rsyslog<http://lists.adiscon.net/mailman/listinfo/rsyslog>
> http://www.rsyslog.com/**professional-services/<http://www.rsyslog.com/professional-services/>
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
> DON'T LIKE THAT.
>
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
