cancel
Showing results for 
Search instead for 
Did you mean: 

syslog error

 
himacs
Super Advisor

syslog error

Hi Admins,

As the part of hardening i have to reassign the syslog with 600 permission.But we use a normal user to grep the syslog.log to list the login details for which we have script.

So i have set acl read permission for the normal user with syslog.log file.But its showing permission denied.I have tested with full acl permission(rwx).But no use.

My requirement is, i want to give 600 permission to syslog file and normal user should access the syslog file for login details.


Please suggest

Regards
himacs
7 REPLIES
Johnson Punniyalingam
Honored Contributor

Re: syslog error

>>>

My requirement is, i want to give 600 permission to syslog file and normal user should access the syslog file for login details.<<<

by default syslog file permission has read access permission

Example :-

rw-r-r syslog.log


Problems are common to all, but attitude makes the difference
Johnson Punniyalingam
Honored Contributor

Re: syslog error

>>i want to give 600 permission to syslog file<<

if you give "600: permission to syslog"

normal user have no access i mean (r=read)

by default file permission should has below

rw-r-r syslog.log

# chmod 644 syslog.log


simple explanation of rwx

(r = read = 4)
(w = write = 2)
(x = excute = 1)


Problems are common to all, but attitude makes the difference
himacs
Super Advisor

Re: syslog error

Hi Johnson,

Thanx for ur time..

defaukt permission is 644.

But as the part of hardening m making it as 600.

ANd m giving ACL permission to a normal user to read syslogs.But it showing permission denied.

regards
himacs
Johnson Punniyalingam
Honored Contributor

Re: syslog error

>>But as the part of hardening m making it as 600<<

never came across these kind of "hardening" ?

owner of the file is "root", I d'not see any point here. by default its "syslog.log" carries readonly permission for others /normal users

by default "syslog.log" which has "rw-r-r"
perfect - Its my understanding



Problems are common to all, but attitude makes the difference
Johnson Punniyalingam
Honored Contributor

Re: syslog error


Hope this Helps,

http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1258822839871+28353475&threadId=1046300
Problems are common to all, but attitude makes the difference
himacs
Super Advisor

Re: syslog error



Hi

please find the getacl output


/var/adm/syslog>getacl syslog.log
# file: syslog.log
# owner: root
# group: root
user::rw-
user:uxgsmc:rw- #effective:---
group::r-- #effective:---
class:---
other:---
/var/adm/syslog>more syslog.log
syslog.log: Permission denied

here its showing effective as ---.

Plz suggest

Regards
himacs
dirk dierickx
Honored Contributor

Re: syslog error

perhaps you could use sudo, limit that user to do only grep on the syslog?

it's a possible work around.