topic Re: syslog error in Operating System - HP-UX

syslog error

himacs — Sat, 21 Nov 2009 16:12:58 GMT

Hi Admins,

As the part of hardening i have to reassign the syslog with 600 permission.But we use a normal user to grep the syslog.log to list the login details for which we have script.

So i have set acl read permission for the normal user with syslog.log file.But its showing permission denied.I have tested with full acl permission(rwx).But no use.

My requirement is, i want to give 600 permission to syslog file and normal user should access the syslog file for login details.

Please suggest

Regards
himacs

Re: syslog error

Johnson Punniyalingam — Sat, 21 Nov 2009 16:25:32 GMT

>>>

My requirement is, i want to give 600 permission to syslog file and normal user should access the syslog file for login details.<<<

by default syslog file permission has read access permission

Example :-

rw-r-r syslog.log

Re: syslog error

Johnson Punniyalingam — Sat, 21 Nov 2009 16:30:56 GMT

>>i want to give 600 permission to syslog file<<

if you give "600: permission to syslog"

normal user have no access i mean (r=read)

by default file permission should has below

rw-r-r syslog.log

# chmod 644 syslog.log

simple explanation of rwx

(r = read = 4)
(w = write = 2)
(x = excute = 1)

Re: syslog error

himacs — Sat, 21 Nov 2009 16:33:10 GMT

Hi Johnson,

Thanx for ur time..

defaukt permission is 644.

But as the part of hardening m making it as 600.

ANd m giving ACL permission to a normal user to read syslogs.But it showing permission denied.

regards
himacs

Re: syslog error

Johnson Punniyalingam — Sat, 21 Nov 2009 16:44:12 GMT

>>But as the part of hardening m making it as 600<<

never came across these kind of "hardening" ?

owner of the file is "root", I d'not see any point here. by default its "syslog.log" carries readonly permission for others /normal users

by default "syslog.log" which has "rw-r-r"
perfect - Its my understanding

Re: syslog error

Johnson Punniyalingam — Sat, 21 Nov 2009 17:02:19 GMT

Hope this Helps,

http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1258822839871+28353475&threadId=1046300

Re: syslog error

himacs — Sun, 22 Nov 2009 11:05:05 GMT

Hi

please find the getacl output

/var/adm/syslog>getacl syslog.log
# file: syslog.log
# owner: root
# group: root
user::rw-
user:uxgsmc:rw- #effective:---
group::r-- #effective:---
class:---
other:---
/var/adm/syslog>more syslog.log
syslog.log: Permission denied

here its showing effective as ---.

Plz suggest

Regards
himacs

Re: syslog error

dirk dierickx — Mon, 23 Nov 2009 09:42:14 GMT

perhaps you could use sudo, limit that user to do only grep on the syslog?

it's a possible work around.