HPE Community
Operating System - HP-UX
1834696 Members
2098 Online
110069 Solutions
New Discussion

/var/adm/syslog/syslog.log permissions change after reboot.

 
SOLVED
Go to solution
Daniel Simard
Frequent Advisor

‎03-06-2003 07:09 AM

‎03-06-2003 07:09 AM

/var/adm/syslog/syslog.log permissions change after reboot.

For security purposes, I set the permissions of /var/adm/syslog/syslog.log to 640. Problem is. When I reboot (even as a test), it puts the permissions back to 644!
I think it's because it creates a new syslog and copies the old one to OLDsyslog.log.

Now where does the 644 come from ? Umask 022 in /etc/profile ?? I would like to continue to have umask022 BUT i don't want to have syslog revert to 644 everytime it is rebooted. I have over 40 servers!.

Thanks, Any ideas ?
Si tu n'as pas ce que tu aimes, aimes ce que tu as.
0 Kudos
Reply
5 REPLIES 5
John Poff
Honored Contributor

‎03-06-2003 07:11 AM

‎03-06-2003 07:11 AM

Solution

Re: /var/adm/syslog/syslog.log permissions change after reboot.

Hi,

It gets created by the /sbin/init.d/syslogd script. That script moves the syslog to OLDsyslog at boot and creates a new syslog file. You could add a line to that script that would change the permissions of syslog back to 640. The only bad part is that your modification could get overwritten by a future patch to that script from HP.

JP
Reply
Pete Randall
Outstanding Contributor

‎03-06-2003 07:12 AM

‎03-06-2003 07:12 AM

Re: /var/adm/syslog/syslog.log permissions change after reboot.

Add another startup script that runs at the end and changes the permissions.

Pete

Pete
Reply
Steve Steel
Honored Contributor

‎03-06-2003 07:17 AM

‎03-06-2003 07:17 AM

Re: /var/adm/syslog/syslog.log permissions change after reboot.

Hi

Another startup script is the best solution or put it in the roots .profile or /etc/profile


if [ "$LOGNAME" = "root" ]
then
chmod 640 /var/adm/syslog/syslog.log
fi

First login then will fix.


Steve steel
If you want truly to understand something, try to change it. (Kurt Lewin)
Reply
Martin Johnson
Honored Contributor

‎03-06-2003 07:19 AM

‎03-06-2003 07:19 AM

Re: /var/adm/syslog/syslog.log permissions change after reboot.

You should check your applications, especially third party, to verify they don't write to the syslog. Remember, the syslog is a respository on the health of the system and can be used by applications other than OS utilities.

We have webmethods, weblogic, apache and vignette, as well as our own applications, writing messages to syslog that we monitor using ITO.

HTH
Marty
Reply
S.K. Chan
Honored Contributor

‎03-06-2003 07:20 AM

‎03-06-2003 07:20 AM

Re: /var/adm/syslog/syslog.log permissions change after reboot.

I take it then you want to tighten the permission of syslog.log file .. audit requirement ? Another way to approach this is you can choose not to log everything to syslog.log by changing /etc/syslog.conf. It can be "re-routed" to another file of your choice that you may have more control of.
just an idea ..
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.