On Thu, Jun 6, 2013 at 9:02 PM, Xuri Nagarin <[email protected]> wrote:
> Yep, that fixed it :) > > $umask 0000 > > I guess some system default umask got into your way. With explicitely setting it, we get rid of the problem :-) Thanks for reporting back! Rainer > Thanks again. > > > > > On Thu, Jun 6, 2013 at 11:58 AM, Xuri Nagarin <[email protected]> wrote: > > > No umask set explicitly in rsyslog.conf. debug log says: > > "6106.534787253:7fc9beaae700: Command 'umask':" > > > > Default system umask is "0022" > > > > Let me try to set the umask var in rsyslog.conf and see if that changes > > things. > > > > Thanks Rainer. > > > > > > > > > > > > On Thu, Jun 6, 2013 at 11:52 AM, Rainer Gerhards < > [email protected] > > > wrote: > > > >> What's the umask set to? > >> > >> Sent from phone, thus brief. > >> Am 06.06.2013 19:36 schrieb "Xuri Nagarin" <[email protected]>: > >> > >> > Ok, I updated the config to v7 syntax: > >> > > >> > template(name="cefdynfile" type="string" > >> > string="/var/log/joe/%msg:F,124:2%/%msg:F,124:3%/logfile") > >> > > >> > ruleset(name="tcpcef") { > >> > if $syslogtag=="CEF:" then { action (type="omfile" FileOwner="joe" > >> > FileGroup="joe" DirOwner="joe" DirGroup="joe" DirCreateMode="0755" > >> > FileCreateMode="0644" DynaFile="cefdynfile") stop } > >> > } > >> > > >> > Before starting rsyslog, I deleted the existing folder structure so > >> rsyslog > >> > would have to create it again. But again the same issue - > folders/files > >> end > >> > up with user/group owner as "joe" but perms are 0700 on folders and > >> 0600 on > >> > files. > >> > > >> > > >> > > >> > > >> > > >> > On Wed, Jun 5, 2013 at 8:42 PM, Xuri Nagarin <[email protected]> > wrote: > >> > > >> > > Right above the create mode directives, if I say: > >> > > $FileOwner joe > >> > > $FileGroup joe > >> > > $DirOwner joe > >> > > $DirGroup joe > >> > > > >> > > then rsyslogd follows them correctly and creates all folders/files > >> with > >> > > user/group joe/joe. > >> > > > >> > > Rest of the config looks like this: > >> > > $template > >> cefdynfile,"/var/log/cef/%msg:F,124:2%/%msg:F,124:3%/logfile" > >> > > > >> > > $Ruleset loggercef > >> > > :syslogtag, isequal, "CEF:" ?cefdynfile > >> > > > >> > > $InputTCPServerBindRuleset loggercef > >> > > $InputTCPServerRun 514 > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > On Wed, Jun 5, 2013 at 8:27 PM, Xuri Nagarin <[email protected]> > >> wrote: > >> > > > >> > >> I upgraded to the latest 7.4.0-1 rpm on RHEL6. > >> > >> > >> > >> In my rsyslog.conf file, I have global directives: > >> > >> $DirCreateMode 0755 > >> > >> $FileCreateMode 0644 > >> > >> > >> > >> When I run rsyslogd in debug mode, it tells me those modes are good > >> for > >> > >> dynfile and folders/files are created with those perms. > >> > >> > >> > >> 6106.528902784:7fc9beaae700: builtin-file: [dynamic] > >> > >> 6106.528911138:7fc9bca30700: processBatch: batch of 1 elements must > >> be > >> > >> processed > >> > >> 6106.528921969:7fc9bca30700: Processing next rule > >> > >> 6106.528930177:7fc9beaae700: template='cefdynfile' > >> > >> 6106.528938479:7fc9beaae700: use async writer=0 > >> > >> 6106.528944460:7fc9beaae700: flush on TX end=1 > >> > >> 6106.528950167:7fc9beaae700: flush interval=1 > >> > >> 6106.528955803:7fc9beaae700: file cache size=10 > >> > >> 6106.528961466:7fc9beaae700: create directories: yes > >> > >> 6106.528967247:7fc9beaae700: file owner 0, group 0 > >> > >> 6106.528972786:7fc9beaae700: force chown() for all files: no > >> > >> 6106.528978438:7fc9beaae700: directory owner 0, group 0 > >> > >> 6106.528984194:7fc9beaae700: dir create mode 0755, file create > >> mode > >> > >> 0644 > >> > >> 6106.528989893:7fc9beaae700: fail if owner/group can not be set: > >> no > >> > >> > >> > >> However, when I start rsyslogd from the init.d script, the > >> folder/file > >> > >> perms revert to the default 0700 and 0600. > >> > >> > >> > >> Any pointers to fix this? > >> > >> > >> > >> TIA. > >> > >> > >> > >> > >> > >> > >> > > > >> > _______________________________________________ > >> > rsyslog mailing list > >> > http://lists.adiscon.net/mailman/listinfo/rsyslog > >> > http://www.rsyslog.com/professional-services/ > >> > What's up with rsyslog? Follow https://twitter.com/rgerhards > >> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad > >> > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> > DON'T LIKE THAT. > >> > > >> _______________________________________________ > >> rsyslog mailing list > >> http://lists.adiscon.net/mailman/listinfo/rsyslog > >> http://www.rsyslog.com/professional-services/ > >> What's up with rsyslog? Follow https://twitter.com/rgerhards > >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> DON'T LIKE THAT. > >> > > > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
