[Xymon] Hobbit Permission Problem

David Baldwin david.baldwin at ausport.gov.au
Tue Mar 29 06:40:23 CEST 2011


On 29/03/11 3:34 PM, Adam Goryachev wrote:
> On 29/03/2011 3:09 PM, David Baldwin wrote:
>>> Finally, here is all the info I can see on the file:
>>> hobbit at host:/var/log$ stat /var/log/messages
>>>   File: `/var/log/messages'
>>>   Size: 21353           Blocks: 48         IO Block: 1048576 regular file
>>> Device: eh/14d  Inode: 4202796     Links: 1
>>> Access: (0640/-rw-r-----)  Uid: (    0/    root)   Gid: (    4/     adm)
>>> Access: 2011-03-28 20:21:00.000000000 +1100
>>> Modify: 2011-03-29 13:27:00.000000000 +1100
>>> Change: 2011-03-29 13:27:00.000000000 +1100
>>>
>>> I'm running a fairly standard Debian lenny
>>>
>>> The root user has no problem reading/writing the file/etc....
>>>
>>> Any pointers would be appreciated....
>> My solution to this one is to modify /etc/logrotate.d/syslog and change
>> group permissions on the file in question. A better solution might be to
>> use ACLs, but I tried that once and ran into an issue where '-r' test
>> didn't respect ACLs when checking it could read the log file! That may
>> have been back in the days of BB even... Group permissions haven't
>> caused any issues anyway :)
> Thanks for your suggestion, but I have other processes that rely on the
> adm group having access to the log files, and I don't want to make them
> world readable.
>
Sorry, didn't read all your message closely enough.
> The very short problem is:
> 1) I am a user with a supplemental group (adm)
> 2) I have a file with my supplemental group (adm) which is group readable
> 3) I can't read the file
>
> I understand permissions, groups, etc very well, I understand logrotate
> and it's config files, but I am stumped as to why this isn't working....

Did you restart the hobbit client process after you changed the group
membership of the hobbit user?

David.

-- 
David Baldwin - IT Unit
Australian Sports Commission          www.ausport.gov.au
Tel 02 62147830 Fax 02 62141830       PO Box 176 Belconnen ACT 2616
david.baldwin at ausport.gov.au          Leverrier Street Bruce ACT 2617


-------------------------------------------------------------------------------------
Keep up to date with what's happening in Australian sport visit http://www.ausport.gov.au

This message is intended for the addressee named and may contain confidential and privileged information. If you are not the intended recipient please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you receive this message in error, please delete it and notify the sender.
-------------------------------------------------------------------------------------



More information about the Xymon mailing list