Hey, This is the included file that i have right now (There's other included files but this is the file where i set permissions for our JBoss application log files and then, at the end, i reset it to the distros default permission) : # Lyra Network JBoss EAP 6 syslog config # ----- New Permissions -----$FileGroup jboss-as-logs$umask 0000$FileCreateMode 0640 # ----- Jboss LOG Files -----if $syslogfacility-text == 'local2' and $app-name == 'jboss-vads' then /var/log/jboss-as/server.log;lyraJBossFormat& ~ if $syslogfacility-text == 'local2' and $app-name == 'jboss-operations' then /var/log/jboss-as/operations.log;lyraMsgOnlyFormat& ~ if $syslogfacility-text == 'local2' and $app-name == 'jboss-3ds' then /var/log/jboss-as/3ds.log;lyraMsgOnlyFormat& ~ if $syslogfacility-text == 'local2' and $app-name == 'jboss-primary' then /var/log/jboss-as/primary.log;lyraMsgOnlyFormat& ~ # ----- Default Permissions -----$FileGroup root$FileCreateMode 0600
El Fatayri Anwar > Date: Tue, 8 Apr 2014 10:34:20 -0700 > From: [email protected] > To: [email protected] > Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions > > In the rsyslog.conf (and included files) there are parameters to set the > permissions on the log files that are created. > > If your distro has set something different from the rsyslog default (or > modified > the source to change the default), we aren't going to know about it. > > If you look at (or post) the full rsyslog config files, we can point out what > the setting is. > > David Lang > > > On Tue, 8 Apr 2014, Anwar El fatayri wrote: > > > Date: Tue, 8 Apr 2014 14:06:27 +0200 > > From: Anwar El fatayri <[email protected]> > > Reply-To: rsyslog-users <[email protected]> > > To: rsyslog-users <[email protected]> > > Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions > > > > It's ok ... I'll do it manually > > Thx a lot > > > > El Fatayri Anwar > > > > > > > > > > > >> Date: Tue, 8 Apr 2014 13:43:08 +0200 > >> From: [email protected] > >> To: [email protected] > >> Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions > >> > >> Which values do you want? > >> > >> Sent from phone, thus brief. > >> Am 08.04.2014 13:29 schrieb "Anwar El fatayri" <[email protected] > >>> : > >> > >>> > >>> > >>> El Fatayri Anwar > >>> ok ... But how can i do that ? > >>> Anwar > >>> > >>> > >>> > >>>> Date: Tue, 8 Apr 2014 12:52:48 +0200 > >>>> From: [email protected] > >>>> To: [email protected] > >>>> Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions > >>>> > >>>> On Tue, Apr 8, 2014 at 12:42 PM, Anwar El fatayri < > >>>> [email protected]> wrote: > >>>> > >>>>> Hey Rainer, > >>>>> I want my configuration files to be generic. Creating all Linux > >>> standard > >>>>> log files manually is not generic (i might have problems when updating > >>> the > >>>>> system for example). > >>>>> Example: > >>>>> 1) Install linux on a machine (CentOS 6.3 for ex.) 2) delete > >>>>> /var/log/messages3) restart rsyslogd > >>>>> Result : /var/log/messages is created with is natlive permissions, > >>> owner, > >>>>> group ... > >>>>> Isn't possible to go back to this state after creating specific app log > >>>>> files with specific permissions, groups .. ??? > >>>>> > >>>> > >>>> of course, BUT if the distro uses settings different from rsyslog's > >>>> default, you need to tell rsyslog which ones to use. We can't guess what > >>>> the distro wants. So you need to set these settings (the *distro* > >>> defaults) > >>>> explicitely. > >>>> > >>>> Rainer > >>>> > >>>> El Fatayri Anwar > >>>>> > >>>>> > >>>>> > >>>>>> Date: Tue, 8 Apr 2014 12:31:03 +0200 > >>>>>> From: [email protected] > >>>>>> To: [email protected] > >>>>>> Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions > >>>>>> > >>>>>> On Tue, Apr 8, 2014 at 11:18 AM, Anwar El fatayri < > >>>>>> [email protected]> wrote: > >>>>>> > >>>>>>> Hey all, > >>>>>>> I wrote a script that creates a generic rsyslog configuration > >>> files in > >>>>>>> rsyslog.d for all my machines. I have one problem with my log files > >>>>>>> permissions. This is the permissions config file that my script > >>>>> generates > >>>>>>> /etc/rsyslog.d/zz-002-permissions.log : > >>>>>>> $FileGroup jboss-as-logs$umask 0000$FileCreateMode 0640 > >>>>>>> > >>>>>>> The problem is that these files are included in rsyslog.conf before > >>>>>>> creating the systems log files (like /var/log/messages, > >>> /var/log/secure > >>>>>>> ...) and i really don't want to change this file (---> Linux best > >>>>>>> practices). > >>>>>>> I tried to reset all configuration variables to their default value > >>>>> using > >>>>>>> &ResetConfigVariables but that doesn't work. It actually resets > >>>>>>> FileCreateMode to 0644 for example. > >>>>>>> > >>>>>> > >>>>>> well, that's rsyslog default for this setting. I guess the distro has > >>>>>> changed that via a directive. > >>>>>> > >>>>>> > >>>>>>> Any ideas ?? > >>>>>>> I want to be able to delete /var/log/messages for example and then > >>>>> restart > >>>>>>> rsyslog and have root as the owner and the group of this file with > >>> its > >>>>>>> native permissions (0600). Is this possible with rsyslog or do i > >>> need > >>>>> to > >>>>>>> change permissions manually ?? > >>>>>>> > >>>>>> > >>>>>> so why not either do the other changes after the standard files OR > >>> reset > >>>>>> the manually to the values that you want? It looks like you know what > >>>>> they > >>>>>> are. > >>>>>> > >>>>>> Rainer > >>>>>> > >>>>>> Thanks in advance > >>>>>>> El Fatayri Anwar > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> rsyslog mailing list > >>>>>>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>>>>>> http://www.rsyslog.com/professional-services/ > >>>>>>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>>>>>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > >>>>> myriad > >>>>>>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if > >>> you > >>>>>>> DON'T LIKE THAT. > >>>>>>> > >>>>>> _______________________________________________ > >>>>>> rsyslog mailing list > >>>>>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>>>>> http://www.rsyslog.com/professional-services/ > >>>>>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>>>>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > >>> myriad > >>>>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >>>>> DON'T LIKE THAT. > >>>>> > >>>>> _______________________________________________ > >>>>> rsyslog mailing list > >>>>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>>>> http://www.rsyslog.com/professional-services/ > >>>>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>>>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > >>> myriad > >>>>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >>>>> DON'T LIKE THAT. > >>>>> > >>>> _______________________________________________ > >>>> rsyslog mailing list > >>>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>>> http://www.rsyslog.com/professional-services/ > >>>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > >>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >>> DON'T LIKE THAT. > >>> > >>> _______________________________________________ > >>> rsyslog mailing list > >>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>> http://www.rsyslog.com/professional-services/ > >>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > >>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >>> DON'T LIKE THAT. > >>> > >> _______________________________________________ > >> rsyslog mailing list > >> http://lists.adiscon.net/mailman/listinfo/rsyslog > >> http://www.rsyslog.com/professional-services/ > >> What's up with rsyslog? Follow https://twitter.com/rgerhards > >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> DON'T LIKE THAT. > > > > _______________________________________________ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > > LIKE THAT. > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
