What are the applications? What is the directory structure? Is the
permission problem on a directory or a file? What user account owns
the application process? Is the app un-doing your manual permission
changes on existing files and directories, or just not granting read
permission to new objects?
in house apps running out of /opt/<appname> and logging into
/opt/<appname>/logs and are running as user <appname>
need to have world read on /opt/<appname>/logs
when permissions are 'manually' set when the app is redeployed it seems
that the world read is removed (i am investigating why this is)
If an application so chooses, it can set whatever permissions it wants
on newly created files. It may even have logic to alter the
permissions on existing files. You may not be able to control it from
the OS level.
Or, it could be as simple as setting (or changing) the umask in the
application startup script.
i was hoping at the OS level i could limit what the app could do with
the permissions as the app is not running as root. it seems i cant do
that so i will need to look at how the app is deployed and why the perms
are being reset/overwritten.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
