RSYSLOG doesn't properly enforce file creation mode on CentOS
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Fix Committed
|
Medium
|
Bartłomiej Piotrowski | ||
Bug Description
Environment: Fuel 6.0/CentOS (Ubuntu deployments not affected).
The files created by RSYSLOG don't have the expected permissions. As per configuration [1], it should be 0640 but in practice, it is 0600.
# ls -lart /var/log | tail
-rw------- 1 root adm 350162 Feb 26 13:45 user.log
-rw------- 1 root adm 331940 Feb 26 13:45 syslog
-rw-r--r-- 1 root root 108680 Feb 26 13:45 nailgun-agent.log
-rw------- 1 root adm 280435 Feb 26 13:45 glance-all.log
-rw------- 1 root adm 392592 Feb 26 13:45 nova-all.log
-rw------- 1 root adm 301429 Feb 26 13:45 keystone-all.log
-rw------- 1 root adm 429508 Feb 26 13:45 cinder-all.log
-rw-------. 1 root root 643551 Feb 26 13:45 messages
-rw------- 1 root adm 232350 Feb 26 13:45 daemon.log
-rw------- 1 root adm 593830 Feb 26 13:45 sudo.log
As discussed on the RSYSLOG mailing list [2], adding "$umask 0000" to /etc/rsyslog.conf fixes the issue.
[1] https:/
[1] http://
| Changed in fuel: | |
| status: | New → Triaged |
| importance: | Undecided → Medium |
| milestone: | none → 6.1 |
| assignee: | nobody → Fuel Library Team (fuel-library) |
| tags: | added: low-hanging-fruit |
| Changed in fuel: | |
| assignee: | Fuel Library Team (fuel-library) → Bartlomiej Piotrowski (bpiotrowski) |
| OpenStack Infra (hudson-openstack) wrote Fix proposed to fuel-library (master) | #1 |
| Changed in fuel: | |
| status: | Triaged → In Progress |
| OpenStack Infra (hudson-openstack) wrote Fix merged to fuel-library (master) | #2 |
| Changed in fuel: | |
| status: | In Progress → Fix Committed |
Fix proposed to branch: master
Review: https:/