Re: s6-log can create current with 640?
My initial attempt #!/usr/local/bin/execlineb -P s6-setuidgid uucp redirfd -r 0 /services/ntp/fifo umask 037 /usr/local/bin/s6-log -b n14 r7000 s10 S300 !"/usr/bin/xz -7q" /var/log/ntpd Hi Dewayne, - Is there a reason why you're using a manually created fifo instead of the built-in logging facility offered by s6-svscan? You could tell ntpd to log to /dev/stdout, and have the logger in a ntpd/log service directory, and your logs would automatically be available on your logger's stdin. - About umask: that's very strange. Can you strace, or ktrace, or whatever tool gives you a list of system calls, the script? It will show exactly what's going on. -- Laurent
Re: s6-log can create current with 640?
Thanks Jonathon. Both attempts were within the execlineb context, so I assume that umask was correctly employed ;). I tried My initial attempt #!/usr/local/bin/execlineb -P s6-setuidgid uucp redirfd -r 0 /services/ntp/fifo umask 037 /usr/local/bin/s6-log -b n14 r7000 s10 S300 !"/usr/bin/xz -7q" /var/log/ntpd which results in notice of "# echo: write: Broken pipe"; the ntp process properly starts but there is no ntp logging process. --- The usual flow is echo: write: Broken pipe ... and in quick succession (<1 sec): # ps -axww | grep ntpd 28869 - Rs 0:00.00 s6-setuidgid uucp redirfd -r 0 /service/fifo umask 037 /usr/local/bin/s6-log -b n14 r7000 s10 S300 !/usr/bin/xz -7q /var/log/ntpd # ps -axww | grep ntpd 29457 - Ss 0:00.03 /usr/local/sbin/ntpd -c /etc/ntp.conf -u ntpd -x -G --nofork and /var/log/ntpd folder is empty (with mode rwx--) --- If I move umask up one line (before redirfd), the logging process doesn't start; and blocks the start of ntp. There is a dependency relationship ntp-log <- ntp so this is expected. I was surprised that umask didn't work, but not overly concerned; as Colin, quite rightly, pointed to my directory permissions as being adequate. Now to migrate sendmail and its milters... Regards, Dewayne
Re: s6-log can create current with 640?
Dewayne Geraghty: I did try umask 037 but that just broke the pipe. That was probably because you were using the wrong umask tool. It has to be the chain-loading one in a nosh or an execlineb script. % cat /var/sv/deluged/service/run #!/bin/nosh #Deluge BitTorrent client envuidgid -- deluge userenv-fromenv umask 037 setuidgid -- deluge deluged --do-not-daemonize % * http://jdebp.uk./Softwares/nosh/guide/commands/umask.xml * http://skarnet.org/software/execline/umask.html