RSYSLOG doesn't properly enforce file creation mode on CentOS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Fix Committed
|
Medium
|
Bartłomiej Piotrowski |
Bug Description
Environment: Fuel 6.0/CentOS (Ubuntu deployments not affected).
The files created by RSYSLOG don't have the expected permissions. As per configuration [1], it should be 0640 but in practice, it is 0600.
# ls -lart /var/log | tail
-rw------- 1 root adm 350162 Feb 26 13:45 user.log
-rw------- 1 root adm 331940 Feb 26 13:45 syslog
-rw-r--r-- 1 root root 108680 Feb 26 13:45 nailgun-agent.log
-rw------- 1 root adm 280435 Feb 26 13:45 glance-all.log
-rw------- 1 root adm 392592 Feb 26 13:45 nova-all.log
-rw------- 1 root adm 301429 Feb 26 13:45 keystone-all.log
-rw------- 1 root adm 429508 Feb 26 13:45 cinder-all.log
-rw-------. 1 root root 643551 Feb 26 13:45 messages
-rw------- 1 root adm 232350 Feb 26 13:45 daemon.log
-rw------- 1 root adm 593830 Feb 26 13:45 sudo.log
As discussed on the RSYSLOG mailing list [2], adding "$umask 0000" to /etc/rsyslog.conf fixes the issue.
[1] https:/
[1] http://
Changed in fuel: | |
status: | New → Triaged |
importance: | Undecided → Medium |
milestone: | none → 6.1 |
assignee: | nobody → Fuel Library Team (fuel-library) |
tags: | added: low-hanging-fruit |
Changed in fuel: | |
assignee: | Fuel Library Team (fuel-library) → Bartlomiej Piotrowski (bpiotrowski) |
Fix proposed to branch: master /review. openstack. org/161139
Review: https:/