[Xymon] Xymon Digest, Vol 25, Issue 11

Mike Burger mburger at bubbanfriends.org
Thu Feb 14 13:41:54 CET 2013


>> Message: 1
>> Date: Wed, 13 Feb 2013 08:11:14 -0500 (EST)
>> From: "Mike Burger" <mburger at bubbanfriends.org>
>> To: "Jonathan Bishop" <jtkbishop at gmail.com>
>> Cc: xymon at xymon.com
>> Subject: Re: [Xymon] histlog file permissions
>> Message-ID:
>> 	<9606.209.43.25.133.1360761074.squirrel at www.bubbanfriends.org>
>> Content-Type: text/plain;charset=iso-8859-1
>>
>> > Hi.
>> >
>> > I recently noticed I'm not able to view the history log file via the
>> > web interface. I can see that when it was working the histlog files
>> > had permissions of 644. For some reason they are now written with 640
>> > permissions and xymon is unable to display them. If I manually chmod
>> > to 644 xymon can read them.
>>>
>>> I should also mention that xymon:xymon has ownership of these files.
>
> To me this sounds more like a user-ID problem than a file permissions
> problem.
>
> If the file is 644, then owner, group and world/other can read it.
> If file is 640, then owner and group but NOT world/other can read it.
> When the histlog file is 640 then your copy of xymon can't read the file.
>
> This seems to indicate that the user identity that xymon is running under
> is NOT the same user identity as wrote the history logfile (not even in
> the same group!).
>
> Check the user id for the xymond process (ps -ef | grep xymond) .
>
> I'm guessing what's happened is something like the xymon server was
> shutdown possibly for a reconfig or an upgrade and then it was restarted
> under the wrong user identity.
>
> Good luck with sorting it out,
> Steff

Hello, Steff,

Unfortunately, the above would be inaccruate. Xymon reads/writes the files
just fine, but the web server is replying with an inability to read the
history/log files.

The 640 permission coupled with the xymon:xymon ownership indicates that
the xymon user, under which the processes are running and, can read/write
and any user in the xymon group can read the file in question, while no
other user can.

Jonathan did reply to me, offlist, indicating that adding xymon to the
apache user's group set, thereby granting read access to the files in
question, fixed his issue.

-- 
Mike Burger
http://www.bubbanfriends.org

"It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1





More information about the Xymon mailing list