Who is rotating the logs? If logrotate then setfacl may be the way to go https://bugzilla.redhat.com/show_bug.cgi?id=666677
[root@centos7 ~]# touch /var/log/my.log
[root@centos7 ~]# ls -al /var/log/my.log
-rw-r--r--. 1 root root 0 Sep 21 07:01 /var/log/my.log
[root@centos7 ~]# chmod 600 /var/log/my.log
[root@centos7 ~]# sudo su - vagrant
Last login: Thu Sep 21 07:01:36 UTC 2017 from 10.0.2.2 on pts/0
[vagrant@centos7 ~]$ cat /var/log/my.log
cat: /var/log/my.log: Permission denied
[vagrant@centos7 ~]$ exit
logout
[root@centos7 ~]# setfacl -m u:vagrant:r /var/log/my.log
[root@centos7 ~]# sudo su - vagrant
Last login: Thu Sep 21 07:03:05 UTC 2017 on pts/0
[vagrant@centos7 ~]$ cat /var/log/my.log
[vagrant@localhost ~]$ getfacl /var/log/my.log
getfacl: Removing leading '/' from absolute path names
# file: var/log/my.log
# owner: root
# group: root
user::rw-
user:vagrant:r--
group::---
mask::r--
other::---
Marcin
On Wed, Sep 20, 2017 at 2:07 PM, ABHISHEK PALIWAL <abhishpaliwal@xxxxxxxxx> wrote:
I have modified the source code and its working fine but only below two files permission is not getting change even after modification.
1. cli.log
2. file which contains the mounting information for "mount -t glusterfs" command--On Wed, Sep 20, 2017 at 5:20 PM, Kaleb S. KEITHLEY <kkeithle@xxxxxxxxxx> wrote:On 09/18/2017 09:22 PM, ABHISHEK PALIWAL wrote:
> Any suggestion would be appreciated...
>
> On Sep 18, 2017 15:05, "ABHISHEK PALIWAL" <abhishpaliwal@xxxxxxxxx
> <mailto:abhishpaliwal@xxxxxxxxm >> wrote:
>
> Any quick suggestion.....?
>
> On Mon, Sep 18, 2017 at 1:50 PM, ABHISHEK PALIWAL
> <abhishpaliwal@xxxxxxxxx <mailto:abhishpaliwal@xxxxxxxxm >> wrote:
>
> Hi Team,
>
> As you can see permission for the glusterfs logs in
> /var/log/glusterfs is 600.
>
> drwxr-xr-x 3 root root 140 Jan 1 00:00 ..
> *-rw------- 1 root root 0 Jan 3 20:21 cmd_history.log*
> drwxr-xr-x 2 root root 40 Jan 3 20:21 bricks
> drwxr-xr-x 3 root root 100 Jan 3 20:21 .
> *-rw------- 1 root root 2102 Jan 3 20:21
> etc-glusterfs-glusterd.vol.log*
>
> Due to that non-root user is not able to access these logs
> files, could you please let me know how can I change these
> permission. So that non-root user can also access these log files.
>
There is no "quick fix." Gluster creates the log files with 0600 — like
nearly everything else in /var/log.
The admin can chmod the files, but when the logs rotate the new log
files will be 0600 again.
You'd have to patch the source and rebuild to get different permission bits.
You can probably do something with ACLs, but as above, when the logs
rotate the new files won't have the ACLs.
--
Kaleb
Regards
Abhishek Paliwal
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://lists.gluster.org/mailman/listinfo/gluster-users
_______________________________________________ Gluster-users mailing list Gluster-users@xxxxxxxxxxx http://lists.gluster.org/mailman/listinfo/gluster-users
