Remember, that this would effect every file create by apache or any children (like cronlog). If there are CGI script that create files, these will be effected too. By putting an ACL on the log directory, you kind of limit the "scope" of the change. My ACL on our log directory looks like: # file: apache2 # owner: root # group: apache user::rwx group::rwx #effective:rwx mask:rwx other:r-x default:user::rwx default:group::r-x default:mask:r-x default:other:--- Dan Please respond to users@xxxxxxxxxxxxxxxx To: users@xxxxxxxxxxxxxxxx cc: (bcc: Dan Mitton/YD/RWDOE) Subject: Re: Permissions dilemma in the /var/log/httpd directory LSN: Not Relevant User Filed as: Not a Record I think that worked! Just by adding umask 022 in apachectl startup script and restarting apache. Thanks Mukarram Syed <muksyed@xxxxxxxxx> wrote: I'll try that. Thanks. Dan_Mitton@xxxxxxxxxxxxx wrote: Have you tried setting the umask in your apache startup script? I'm running on Sun Solaris and I've used ACL's to get the permissions I want. Dan Please respond to users@xxxxxxxxxxxxxxxx To: users@xxxxxxxxxxxxxxxx cc: (bcc: Dan Mitton/YD/RWDOE) Subject: Permissions dilemma in the /var/log/httpd directory LSN: Not Relevant User Filed as: Not a Record Hi, Here is my dilemma and I'd appreciate some help. Apache has been configured and is running fine. But other users need read permissions to the /var/log/httpd directory. Before I implemented cronolog (www.cronolog.org), I forced a permissions change to 755 in the startup script for the /var/log/httpd directory. After I implemented cronolog this does not work, since cronolog automatically changes permissions to 400. Is there a way to force permissions to 644 at least in the httpd.conf file and keep it that way even after cronolog rotates logs. I could implement chmod -R 755 /var/log/httpd via cron at midnight, but this is a crude way of doing thing. I hope there is a better, elegant way, via Apache. I again appreciate any inputs to this. thanks # mukarram syed Mukarram Syed muksyed@xxxxxxxxx Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx Mukarram Syed muksyed@xxxxxxxxx Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. Mukarram Syed muksyed@xxxxxxxxx Need a vacation? Get great deals to amazing places on Yahoo! Travel. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|