Thanks for your response James, but isn't DirCreateMode and FileCreateMode global options? I only want to change the permissions for /var/log/messages to world readable but not /var/log/secure for example. This is why I tried to use the umask setting before the /var/log/messages line and then reset it before the /var/log/secure line.
Thanks. On Thu, May 16, 2013 at 3:50 AM, Boylan, James <[email protected]>wrote: > Use: > $DirCreateMode 0755 > $FileCreateMode 0644 > > As Rainer said, $umask is global and it only uses either the first or the > last one. (I can't remember which order.) > > -- James > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Rainer Gerhards > Sent: Thursday, May 16, 2013 12:38 AM > To: rsyslog-users > Subject: Re: [rsyslog] File permissions for /var/log/messages > > I think the umask is a global setting, where only the last set value is > actually used. IIRC, there is a specific setting for file permissions (not > a mask, but the actual permissons to use). > > Rainer > > > On Thu, May 16, 2013 at 7:30 AM, Jagga Soorma <[email protected]> wrote: > > > Thanks David for your response. That is exactly what I thought, but > > my logs got rotated on the 12th but the permissions still were 600 > > instead of 644. Looks like logrotate also did not change the > > permissions. Here is my /etc/logrotate.d/syslog file: > > > > -- > > /var/log/cron > > /var/log/maillog > > /var/log/messages > > /var/log/secure > > /var/log/spooler > > { > > create 0644 root root > > sharedscripts > > postrotate > > /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> > > /dev/null || true > > endscript > > } > > -- > > > > Thanks. > > > > > > On Wed, May 15, 2013 at 9:16 PM, David Lang <[email protected]> wrote: > > > > > On Wed, 15 May 2013, Jagga Soorma wrote: > > > > > > Hey Guys, > > >> > > >> I am trying to push a configuration change to all my linux servers > > running > > >> rsyslog to make sure /var/log/messages is chmod'd to 644 and the > > >> change > > I > > >> am making in rsyslog.conf is: > > >> > > >> -- > > >> $umask 0022 # FileCreationMode defaults to 644, so does not need > > >> to be modified *.info;mail.none;authpriv.**none;cron.none > > >> /var/log/messages > > >> $umask 0077 # Reset the umask so /var/log/secure stays 600 > > >> -- > > >> > > >> I am also adding "create 0644 root root" in the > > >> /etc/logrotate.d/syslog file. However, when I restart rsyslog the > > >> permissions don't change. I have to remove (rm) the > > >> /var/log/messages file and then restart rsyslog > > in > > >> order for it to make this permission change. I need to do this on > > >> 100's of servers via puppet and don't want to rm the > > >> /var/log/messages file. Is there something I am missing. I have > > >> been able to do this easily with syslog-ng on sles servers but > > >> can't get it to work on rsyslog servers. > > >> > > >> Any help would be greatly appreciated. > > >> > > > > > > The easiest thing would be to change the rsyslog config and restart > > > it, then just wait for your regular file rotation to move the > > /var/log/messages > > > file. When rsyslog recreates it, it will use the new permissions. > > > > > > David Lang > > > ______________________________**_________________ > > > rsyslog mailing list > > > http://lists.adiscon.net/**mailman/listinfo/rsyslog< > > http://lists.adiscon.net/mailman/listinfo/rsyslog> > > > http://www.rsyslog.com/**professional-services/< > > http://www.rsyslog.com/professional-services/> > > > What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE > > > WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > > > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if > > > you DON'T LIKE THAT. > > > > > _______________________________________________ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE > > WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > > DON'T LIKE THAT. > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: > This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites > beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE > THAT. > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
