Permission changing for /var/log/httpd
Tom Ekberg
tekberg at uw.edu
Fri Jun 3 18:00:44 UTC 2016
That was a good guess, but the logrotate setting for httpd says:
create 640 root adm
The other 3 create lines in /etc/logrotate.d/ are for other log files.
Tom Ekberg
From: m.roth at 5-cent.us
To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
Subject: Re: Permission changing for /var/log/httpd
Message-ID:
<306c4036d45edc3036a876df868edf9b.squirrel at host290.hostmonster.com>
Content-Type: text/plain;charset=utf-8
Tom Ekberg wrote:
I have a non-root cron job that needs to look at files in /var/log/httpd
and transfer them (scp) to another host. That user is a member of group
adm and I changed the ownership of /var/log/httpd to root:adm and set
permissions to 750. This works file as the cron job can read the files.
The problem is that once a month some process changes the ownership of
this directory to root:root and permissions to 700. I looked at the audit
logs and can see this happen but I have no idea what process is doing
this. I looked at /etc/cron.monthly and there is only one entry that
doesn't appear to cause that. Do you happen to know what process changes
the ownership and permission of /var/log/httpd?
Mark Added:
Possibly the log rotation.
mark
More information about the redhat-list
mailing list