HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

With same UMASK and username, our 2 scheduling tools are generating logs with different permissions.

 
manish0233
Occasional Visitor

With same UMASK and username, our 2 scheduling tools are generating logs with different permissions.

Hi Everybody,

We are using 2 scheduling tools1.) Tidal and 2.) Control-M to run our jobs in schedule.

They both connect to same HPUX server and with same user ID.

However when we check the logs, we see a difference in the permission of files.

The files generated by Tidal executed scripts has 640 permission but files generated by Control-M have permission as 644.

Can someone please tell me  as we need to fix it to have the permissions in sync. Anything we can change to get the permissions same.

4 REPLIES
Bill Hassell
Honored Contributor

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Have you contacted Tidal (Cisco?) and Control-M (BMC) support to see if this is the expected behavior? The umask value is only effective with an interactive login. These scheduling programs would have to setup their own enviroment when they run, just like cron jobs.



Bill Hassell, sysadmin
Steven Schweda
Honored Contributor

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

> With same UMASK and username, [...]

   Whose "UMASK"?  And who creates these log files?

> [...] The umask value is only effective with an interactive login.
> [...]

   I wouldn't say that.  I'd expect any shell to have a umask.  Whether
any particular shell's umask has any effect on the permissions on these
log files depends on the program which creates the log files, about
which I know nothing.

> Have you contacted Tidal (Cisco?) and Control-M (BMC) support [...]

   The people who supply these programs should know more than anyone
here (and certainly more than I).

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

Which matches your umask?

Matti_Kurkela
Honored Contributor

Re: With same UMASK and username, our 2 scheduling tools are generating logs with different permissi

In Control-M, the permissions of the job output files (sysout files) are controlled by a Control-M agent configuration parameter, and this parameter is named differently in Control-M V7 vs. V8.

Please see: https://communities.bmc.com/docs/DOC-72852

For any other files created by the actual job scripts, you could add a command to your job scripts to explicitly set the umask to your preferred value before the commands that create the files, or add commands to the end of your job to explicitly chgrp/chmod the resulting files the way you want.

Whenever you're setting up a new job scheduler or other automation system, you might want to create a small script like this:

#!/bin/sh
exec > /tmp/environment-check-$(date +%Y%m%d-%H%M%S)
echo "Command string was: $0"
echo "Command line arguments:"
for i in "$@"
do
echo "$i"
done echo "Current username is: $(whoami)" echo "id command output:" id echo "Current directory is: $(pwd)"
echo "Umask value is: $(umask)"
echo "TTY device is: $(tty)" echo "Locale settings are:" locale echo "Soft ulimits are:" ulimit -a echo "Hard ulimits are:" ulimit -a -H echo "Environment variables:" printenv

Then have your automation tool run this script once (i.e. schedule the script for running), and then read the resulting file in /tmp/environment-check-<timestamp>. It will tell you exactly what kind of shell environment is provided by the automation tool.

Yes, in theory the environment should match what you get by simply logging onto the system with the proper username. But in practice, some shells have a pretty complex logic on which startup scripts they run and which they don't, depending on whether the shell session is interactive (= has a TTY device associated with it) or not, and/or whether the session is started as a login shell (= first character of $0 is "-") or not.

MK