From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1230 Path: news.gmane.org!not-for-mail From: Vincent Danen Newsgroups: gmane.comp.sysutils.supervision.general Subject: svlogd and umask settings Date: Wed, 30 Aug 2006 16:03:25 -0600 Organization: Annvix Message-ID: <20060830220325.GK25489@annvix.org> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Afp4e3CscGk5BalI" X-Trace: sea.gmane.org 1156975461 28527 80.91.229.2 (30 Aug 2006 22:04:21 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 30 Aug 2006 22:04:21 +0000 (UTC) Original-X-From: supervision-return-1466-gcsg-supervision=m.gmane.org@list.skarnet.org Thu Aug 31 00:04:18 2006 Return-path: Envelope-to: gcsg-supervision@gmane.org Original-Received: from antah.skarnet.org ([212.85.147.14]) by ciao.gmane.org with smtp (Exim 4.43) id 1GIYAD-0003CF-KN for gcsg-supervision@gmane.org; Thu, 31 Aug 2006 00:04:01 +0200 Original-Received: (qmail 6035 invoked by uid 76); 30 Aug 2006 22:04:23 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 6029 invoked from network); 30 Aug 2006 22:04:22 -0000 Original-To: supervision@list.skarnet.org Content-Disposition: inline X-Mailer: Mutt 1.5.x/OS X 10.4.x X-PGP-Key: http://linsec.ca/vdanen.asc X-URL: http://annvix.org/ User-Agent: Mutt/1.5.10i X-SA-Exim-Connect-IP: 68.149.37.7 X-SA-Exim-Mail-From: vdanen@annvix.org X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on hades.annvix.org X-Spam-Level: X-Spam-Status: No, score=-4.4 required=6.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.1.0 X-SA-Exim-Version: 4.2 (built Wed, 01 Feb 2006 18:29:36 -0700) X-SA-Exim-Scanned: Yes (on hades.annvix.org) Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1230 Archived-At: --Afp4e3CscGk5BalI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I have an issue with svlogd where I need it to write files with 0640 perms, but it wants to write with 0644 perms. I tried to toss a umask call in my runscript: [root@ares apparmor.d]# cat /service/auditd/log/run=20 #!/bin/execlineb # logging for the auditd service; unfortunately we need to run as root here # so that genprof will look at our log /bin/foreground { /usr/bin/install -m 0700 -d -o root -g root /var/log/system/audit } /bin/cd /var/log/service /bin/umask 026 /sbin/svlogd /var/log/system/audit This doesn't seem to make a difference to svlogd. Looking in the manpage, I didn't see anything about changing the permissions of files it creates. But even with the above I get: [root@ares apparmor.d]# ls -l /var/log/system/audit/ total 0 -rw-r--r-- 1 root root 0 Aug 30 16:17 current -rw------- 1 root root 0 Aug 30 16:17 lock What am I missing or do I have to change something in svlogd itself? Since Annvix is now using socklog by default, I need to make sure logs are 0640. The directory permissions are correct, but the log file permissions are not. --=20 {FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4} mysql> SELECT * FROM users WHERE clue > 0; Empty set (0.00sec) --Afp4e3CscGk5BalI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFE9gstLrxeMv7jCtQRAuS6AJ9eb+UtkExwlgzjdqKilUhEtL81JQCfV1tk A/UBFbbnu2byQihbIZelNZ8= =fRUT -----END PGP SIGNATURE----- --Afp4e3CscGk5BalI--