AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.

 View Only

  • 1.  permissions on new log files (parent child permission inheritance)

    Posted Thu June 19, 2008 02:38 AM

    Originally posted by: SystemAdmin


    Hi

    WebSphere is running with the permission of root and in log directory, creating log files.the umask of root is 077. the log files should be available to application users to read.

    -rw------- 1 root system 1048619 Jun 19 11:57 log_001

    Please help me in this situation. I cannot give read permission to the files manually nor I want any script to be added in cron to change permision.

    Just like Microsoft Windows, parent child inheritance facility, is there any solution in unix.

    Regards
    Amit Bist


  • 2.  Re: permissions on new log files (parent child permission inheritance)

    Posted Thu June 19, 2008 08:52 AM

    Originally posted by: tony.evans


    Access to individual files is controlled by the file ownership and permissions. The ability to create / delete files is also affected by the directory ownership / permissions.

    Are you able to tell WebSphere which permissions to put on the log files through the WebSphere configuration?


  • 3.  Re: permissions on new log files (parent child permission inheritance)

    Posted Fri June 20, 2008 01:45 AM

    Originally posted by: SystemAdmin


    No, I am not.

    Lets think about another scenerio.

    According to the security reasons, umask for all users is set to 700.

    Now one user ftp some files to another server and those log files should be readable by others in his group.

    sgid is set on directory so that any file created takes group ownership of directory group.

    but there will not be read permission on files for group even.

    In that case, what should be done. I find the inheritance feature of Microsoft Windows could help me if that was in AIX.

    Regards
    Amit Bist


  • 4.  Re: permissions on new log files (parent child permission inheritance)

    Posted Fri June 20, 2008 10:46 AM

    Originally posted by: MarkTaylor


    Install websphere on Windows then and leave us alone ;)

    Ok, your scenario, Websphere runs as root with the group system witha umask of 077 .. so log files are created as root.system, but read/write for owner == root .. so, what is the issue ? you want users other than root to be able to read these files without specifically changing the perms or I am guessing changing the umask for root ? You may have some joy with ACLs .. check out the man pages for acledit and aclget and aclput .. I have never had much luck with those though .. good luck ..another thing you could do is set up a sudo to run a script to dump the contents of the logs ? both involve work ..

    Rgds
    Mark Taylor


  • 5.  Re: permissions on new log files (parent child permission inheritance)

    Posted Mon June 23, 2008 04:16 AM

    Originally posted by: tony.evans


    "Now one user ftp some files to another server and those log files should be readable by others in his group."

    Then when they finish ftp'ing the files they should issue a chmod (SITE chmod).


Related Content