read permission on rotated logs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Maybe I'm missing something here but doesn't logrotate have the 'postrotate ... endscript' block for its configuration files where you can run any command you desire?


Leroy Tennison
Network Information/Cyber Security Specialist
E: leroy@xxxxxxxxxxxxxxxx
2220 Bush Dr
McKinney, Texas
75070
www.datavoiceint.com
This message has been sent on behalf
of a company that is part of the Harris Operating Group of
Constellation Software Inc. These companies are listed
here
.
If you prefer not to be contacted by Harris
Operating Group
please notify us
.
This message is intended exclusively for the
individual or entity to which it is addressed. This communication
may contain information that is proprietary, privileged or
confidential or otherwise legally exempt from disclosure. If you are
not the named addressee, you are not authorized to read, print,
retain, copy or disseminate this message or any part of it. If you
have received this message in error, please notify the sender
immediately by e-mail and delete all copies of the
message.

________________________________________
From: CentOS <centos-bounces@xxxxxxxxxx> on behalf of Alice Wonder <alice@xxxxxxxxxxxxxx>
Sent: Wednesday, March 13, 2019 5:13 PM
To: centos@xxxxxxxxxx
Subject: [EXTERNAL]  read permission on rotated logs

When logs (e.g. /var/log/maillog) are rotated (e.g. to
/var/log/maillog-YYYYMDD) is there a way via systemd or whatever to
assign read permission to a specific group?

Right now, for example -

ls -l maillog*
-rw------- 1 root root 3105240 Mar 13 22:04 maillog
-rw------- 1 root root 1079031 Feb 24 04:39 maillog-20190224
-rw------- 1 root root 7237640 Mar  1 12:59 maillog-20190228
-rw------- 1 root root 1297508 Mar  3 04:21 maillog-20190303
-rw------- 1 root root 1319371 Mar 10 08:17 maillog-20190310

What I would like -

ls -l maillog*
-rw------- 1 root root 3105240 Mar 13 22:04 maillog
-rw-r----- 1 root somegroup 1079031 Feb 24 04:39 maillog-20190224
-rw-r----- 1 root somegroup 7237640 Mar  1 12:59 maillog-20190228
-rw-r----- 1 root somegroup 1297508 Mar  3 04:21 maillog-20190303
-rw-r----- 1 root somegroup 1319371 Mar 10 08:17 maillog-20190310

That way a user in somegroup could run a script that analyzes the
rotated logs w/o needing root privileges.

Obviously I could put a script in /etc/cron.hourly that looks for
rotated log files and changes ownership / permission, but I am wondering
if there is a "proper" way to configure it via systemd or another utility.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux