Mailinglist Archive: opensuse-security (81 mails)

< Previous Next >
Re: [suse-security] changing group on /var/log/messages
  • From: David Bear <David.Bear@xxxxxxx>
  • Date: Tue, 28 Feb 2006 13:35:07 -0700
  • Message-id: <20060228203507.GD7308@xxxxxxx>
On Tue, Feb 28, 2006 at 09:17:54PM +0100, Philippe Vogel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi!
>
> David Bear schrieb:
> > suse makes the group owner of /var/log/messages root. I was
> > wondering what might break if I changed the group owner to be
> > wheel. I would like members of wheel to be able to read
> > /var/log/messages without having to sudo .
> In this case you have to change some stuff, because:
>
> - - logrotate rotates logs and switches rights back to what syslog is
> configured to ...
> - - rights settings in SuSE with Yast will reset everything as well
> - - SuSEconfig will do the same
>
> You may have to change:
>
> /etc/permissions
> /etc/logrotate.conf
> /etc/logrotate/logrotate.d/*
>
> ... some additional stuff and maybe rights settings as well (640
> instead of 600 for some files depending on your desires) ...

this is exactly what I was looking for. Thanks.

>
> Use logcheck or whatever scripts you desire instead for getting your
> reports via mail to local host for further investigations. Other
> option is to run xterm with messages-output via syslog as autostarter
> within whatever window-system you desire (as you have all in group
> wheel you might have x installed).
>
> Regards
>
> Philippe
>
> P.S.: Hint: /var/log/messages has filerights 644, so you needn't sudo
> to read them unless you did a paranoid or whatever security policy
> with you SuSE box.
>
> P.P.S.: All users are group wheel ... is this necessary?
>
> - --
> Diese Nachricht ist digital signiert und enthält weder Siegel noch
> Unterschrift!
>
> Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt
> gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az:
> 16 O 201/98). Jede kommerzielle Nutzung der übermittelten
> persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich
> untersagt!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
> Comment: GnuPT 2.7.2
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQD1AwUBRASv8kNg1DRVIGjBAQLn3gb/T2OKRaqaQT7hHL85w4KiNkxADspT/1Cl
> 6hzjD85diGWoXwCuTvkOQNw1SiZgdsBjc5uTstmZXhK5B3Z/mMLVkqC8MZdISvim
> /LVgX7IjM8wm6Chhqxx3n3b/c2MM+7V9sXfLdQ3LEKYL3ueqPTtfG7ZqNROoIDkQ
> sz+qI71I5A3qERPCon5u9NMsYXkJGGnVF6u374s8GXF59SklIOenarS7TgyioAjs
> Lyts9Qi6T4nnsKwepM2ZH+y6XtOijPWSQEc7xV5MWOKb6nFeIpW2vLv+WsoEMECX
> uEixgi4KAyo=
> =LUjD
> -----END PGP SIGNATURE-----
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here

--
David Bear
phone: 480-965-8257
fax: 480-965-9189
College of Public Programs/ASU
Wilson Hall 232
Tempe, AZ 85287-0803
"Beware the IP portfolio, everyone will be suspect of trespassing"

< Previous Next >