From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/2689 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Dewayne Geraghty Newsgroups: gmane.comp.sysutils.supervision.general Subject: Re: s6-log can create current with 640? Date: Thu, 24 Oct 2019 10:03:58 +1100 Message-ID: <01b8c564-887f-16cf-405c-8bcfc52c02b1@heuristicsystems.com.au> References: <6f3a28f8-798c-9a55-e79b-2e54b37edf2e@heuristicsystems.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="88064"; mail-complaints-to="usenet@blaine.gmane.org" User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 To: supervision@list.skarnet.org Original-X-From: supervision-return-2278-gcsg-supervision=m.gmane.org@list.skarnet.org Thu Oct 24 01:06:01 2019 Return-path: Envelope-to: gcsg-supervision@m.gmane.org Original-Received: from alyss.skarnet.org ([95.142.172.232]) by blaine.gmane.org with smtp (Exim 4.89) (envelope-from ) id 1iNPhW-000Mh3-8t for gcsg-supervision@m.gmane.org; Thu, 24 Oct 2019 01:05:59 +0200 Original-Received: (qmail 11618 invoked by uid 89); 23 Oct 2019 23:06:22 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm Original-Sender: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Original-Received: (qmail 11611 invoked from network); 23 Oct 2019 23:06:21 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=heuristicsystems.com.au; s=hsa; t=1571871838; x=1572476639; bh=ZMi4+AuSArGI7NI6X3/34+9PJ9iJjEzzV7wUoyFNKCo=; h=Subject:To:From:Message-ID:Date; b=QTI33OyGTxKK2ADjQdWv3HJKNc6Y+oxVE3dBjWDsLYalN4MaYPN/hurtGnrgtoWKt fsI7ZQSECfAeV75opJkj81k9htnk+v9WFbMFMj6EaSfN4RhDOt24ICpzauVTmZt31h gtn7Mx3V0fjiyiw8ZccZssN5GMRLodO5MUnJ4v7EHTUOKvPsqF7Yg X-Authentication-Warning: b3.hs: Host noddy.hs [10.0.5.3] claimed to be [10.0.5.3] Openpgp: preference=signencrypt In-Reply-To: Content-Language: en-AU Xref: news.gmane.org gmane.comp.sysutils.supervision.general:2689 Archived-At: Thanks Jonathon. Both attempts were within the execlineb context, so I assume that umask was correctly employed ;). I tried My initial attempt #!/usr/local/bin/execlineb -P s6-setuidgid uucp redirfd -r 0 /services/ntp/fifo umask 037 /usr/local/bin/s6-log -b n14 r7000 s100000 S3000000 !"/usr/bin/xz -7q" /var/log/ntpd which results in notice of "# echo: write: Broken pipe"; the ntp process properly starts but there is no ntp logging process. --- The usual flow is echo: write: Broken pipe ... and in quick succession (<1 sec): # ps -axww | grep ntpd 28869 - Rs 0:00.00 s6-setuidgid uucp redirfd -r 0 /service/fifo umask 037 /usr/local/bin/s6-log -b n14 r7000 s100000 S3000000 !/usr/bin/xz -7q /var/log/ntpd # ps -axww | grep ntpd 29457 - Ss 0:00.03 /usr/local/sbin/ntpd -c /etc/ntp.conf -u ntpd -x -G --nofork and /var/log/ntpd folder is empty (with mode rwx------) --- If I move umask up one line (before redirfd), the logging process doesn't start; and blocks the start of ntp. There is a dependency relationship ntp-log <- ntp so this is expected. I was surprised that umask didn't work, but not overly concerned; as Colin, quite rightly, pointed to my directory permissions as being adequate. Now to migrate sendmail and its milters... Regards, Dewayne