topic Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi in Operating System - HP-UX

With same UMASK and username, our 2 scheduling tools are generating logs with different permissions.

manish0233 — Tue, 18 Jul 2017 06:20:24 GMT

Hi Everybody,

We are using 2 scheduling tools1.) Tidal and 2.) Control-M to run our jobs in schedule.

They both connect to same HPUX server and with same user ID.

However when we check the logs, we see a difference in the permission of files.

The files generated by Tidal executed scripts has 640 permission but files generated by Control-M have permission as 644.

Can someone please tell me as we need to fix it to have the permissions in sync. Anything we can change to get the permissions same.

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Bill Hassell — Tue, 18 Jul 2017 14:56:45 GMT

Have you contacted Tidal (Cisco?) and Control-M (BMC) support to see if this is the expected behavior? The umask value is only effective with an interactive login. These scheduling programs would have to setup their own enviroment when they run, just like cron jobs.

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Steven Schweda — Tue, 18 Jul 2017 15:33:15 GMT

> With same UMASK and username, [...]

   Whose "UMASK"? And who creates these log files?

> [...] The umask value is only effective with an interactive login.
> [...]

   I wouldn't say that. I'd expect any shell to have a umask. Whether
any particular shell's umask has any effect on the permissions on these
log files depends on the program which creates the log files, about
which I know nothing.

> Have you contacted Tidal (Cisco?) and Control-M (BMC) support [...]

   The people who supply these programs should know more than anyone
here (and certainly more than I).

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Dennis Handly — Tue, 18 Jul 2017 15:35:04 GMT

Which matches your umask?

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Matti_Kurkela — Wed, 19 Jul 2017 11:25:19 GMT

In Control-M, the permissions of the job output files (sysout files) are controlled by a Control-M agent configuration parameter, and this parameter is named differently in Control-M V7 vs. V8.

Please see: https://communities.bmc.com/docs/DOC-72852

For any other files created by the actual job scripts, you could add a command to your job scripts to explicitly set the umask to your preferred value before the commands that create the files, or add commands to the end of your job to explicitly chgrp/chmod the resulting files the way you want.

Whenever you're setting up a new job scheduler or other automation system, you might want to create a small script like this:

#!/bin/sh
exec > /tmp/environment-check-$(date +%Y%m%d-%H%M%S)
echo "Command string was: $0"
echo "Command line arguments:"
for i in "$@"
do
    echo "$i"
done
echo "Current username is: $(whoami)"
echo "id command output:"
id
echo "Current directory is: $(pwd)"
echo "Umask value is: $(umask)"
echo "TTY device is: $(tty)"
echo "Locale settings are:"
locale
echo "Soft ulimits are:"
ulimit -a
echo "Hard ulimits are:"
ulimit -a -H
echo "Environment variables:"
printenv

Then have your automation tool run this script once (i.e. schedule the script for running), and then read the resulting file in /tmp/environment-check-<timestamp>. It will tell you exactly what kind of shell environment is provided by the automation tool.

Yes, in theory the environment should match what you get by simply logging onto the system with the proper username. But in practice, some shells have a pretty complex logic on which startup scripts they run and which they don't, depending on whether the shell session is interactive (= has a TTY device associated with it) or not, and/or whether the session is started as a login shell (= first character of $0 is "-") or not.