Who's messing with the permissions?
The permissions on my /var/log/messages file keep getting reset to "-rw-r-----" (so that ordinary users can't read it) even though I've set the PERMISSION_SECURITY variable in /etc/sysconfig (via Yast2) to "here local" and included the line /var/log/messages root.root 744 in /etc/permissions.here. (/etc/permissions.local has no uncommented lines.) So what program is changing the permissions on me? And when more than one permissions file is specified in PERMISSION_SECURITY, how do the different files interact? The comments in /etc/permissions don't help with this. Paul Abrahams
Probably syslogd. Restart it.
Try with lsof to obtain more info.
--- "Paul W. Abrahams"
getting reset to "-rw-r-----" (so that ordinary users can't read it) even though I've set the PERMISSION_SECURITY variable in /etc/sysconfig (via Yast2) to "here local" and included the line
/var/log/messages root.root 744
in /etc/permissions.here. (/etc/permissions.local has no uncommented lines.) So what program is changing the permissions on me? And when more than one permissions file is specified in PERMISSION_SECURITY, how do the different files interact? The comments in /etc/permissions don't help with this.
Paul Abrahams
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
* Paul W. Abrahams
The permissions on my /var/log/messages file keep getting reset to "-rw-r-----" (so that ordinary users can't read it) even though I've set the PERMISSION_SECURITY variable in /etc/sysconfig (via Yast2) to "here local" and included the line
/var/log/messages root.root 744
in /etc/permissions.here. (/etc/permissions.local has no uncommented lines.) So what program is changing the permissions on me? And when more than one permissions file is specified in PERMISSION_SECURITY, how do the different files interact? The comments in /etc/permissions don't help with this.
perhaps (from /etc/permissions.local): # Please remember that logfiles might be modified by the logfile # rotation facilities (e.g. logrotate) so local settings might # be overridden. /etc/logrotate.d/syslog: /var/log/warn /var/log/messages /var/log/allmessages /var/log/localmessages /var/log/firewall { compress dateext maxage 365 rotate 99 missingok notifempty size +4096k create 640 root root sharedscripts postrotate /etc/init.d/syslog reload endscript } -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org
On Sunday 25 January 2004 4:40 pm, Patrick Shanahan wrote:
perhaps (from /etc/permissions.local):
# Please remember that logfiles might be modified by the logfile # rotation facilities (e.g. logrotate) so local settings might # be overridden.
/etc/logrotate.d/syslog:
/var/log/warn /var/log/messages /var/log/allmessages /var/log/ localmessages /var/log/firewall { compress dateext maxage 365 rotate 99 missingok notifempty size +4096k create 640 root root <== sharedscripts postrotate /etc/init.d/syslog reload endscript }
You found the problem: the indicated line needs to be changed. There's a subtle issue lurking here: the need to keep logrotate.d/syslog and /etc/ permissions.xxx consistent. Also another lesson to be learned: to find such things, do a recursive grep on /etc, like so: grep -r /var/log/messages /etc That brings the gremlins into the light of day. Paul Abrahams
* Paul W. Abrahams
You found the problem: the indicated line needs to be changed. There's a subtle issue lurking here: the need to keep logrotate.d/syslog and /etc/ permissions.xxx consistent. Also another lesson to be learned: to find such things, do a recursive grep on /etc, like so:
grep -r /var/log/messages /etc
That brings the gremlins into the light of day.
Perhaps, but if you had read completely /etc/permissions.local, you would have had your answer. -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org
Please someone tell me a way to get my Creative Webcam NX Ultra working with SuSE, Thank you Dave
* Armisis Aieoln
Please someone tell me a way to get my Creative Webcam NX Ultra working with SuSE,
Perhaps, but first please start a new thread of your own instead of responding to an existing post and changeing the subject. This is commonly called hijacking and causes display problems in threaded mail clients and havoc when trying to search the archives. If you must reply to an existing post instead of typing the address yourself, to preserve threading requires removing the 'In-Reply-To:' header. thanks for your consideration, -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org
The Sunday 2004-01-25 at 16:25 -0500, Paul W. Abrahams wrote:
The permissions on my /var/log/messages file keep getting reset to "-rw-r-----" (so that ordinary users can't read it) even though I've set the PERMISSION_SECURITY variable in /etc/sysconfig (via Yast2) to "here local" and included the line
/var/log/messages root.root 744
in /etc/permissions.here. (/etc/permissions.local has no uncommented lines.) So what program is changing the permissions on me?
/sbin/conf.d/SuSEconfig.permissions
And when more than one permissions file is specified in PERMISSION_SECURITY, how do the different files interact?
They execute in order; the last one takes precedence.
The comments in /etc/permissions don't help with this.
No? It's clear enough: # SuSEconfig will use the files /etc/permissions and the ones ending in # what the variable $PERMISSION_SECURITY from /etc/rc.config contains. # By default, these are the files /etc/permissions, /etc/permissions.easy # and /etc/permissions.local for local changes by the admin. In addition, # the directory /etc/permissions.d/ can contain permission files that # belong to the packages they modify file modes for. These permission files # are to switch between conflicting file modes of the same file paths in # different packages (popular example: sendmail and postfix, path # /usr/sbin/sendmail). Therefore, you should have created an '/etc/permissions.here' file. Otherwise, do your changes only in '/etc/permissions.local' -- Cheers, Carlos Robinson
participants (5)
-
Armisis Aieoln
-
Carlos E. R.
-
Enrique Arizón
-
Patrick Shanahan
-
Paul W. Abrahams