On 29/03/11 3:34 PM, Adam Goryachev wrote:
On 29/03/2011 3:09 PM, David Baldwin wrote:
Finally, here is all the info I can see on the file:
hobbit at host:/var/log$ stat /var/log/messages
File: `/var/log/messages'
Size: 21353 Blocks: 48 IO Block: 1048576 regular file
Device: eh/14d Inode: 4202796 Links: 1
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 4/ adm)
Access: 2011-03-28 20:21:00.000000000 +1100
Modify: 2011-03-29 13:27:00.000000000 +1100
Change: 2011-03-29 13:27:00.000000000 +1100
I'm running a fairly standard Debian lenny
The root user has no problem reading/writing the file/etc....
Any pointers would be appreciated....
My solution to this one is to modify /etc/logrotate.d/syslog and change
group permissions on the file in question. A better solution might be to
use ACLs, but I tried that once and ran into an issue where '-r' test
didn't respect ACLs when checking it could read the log file! That may
have been back in the days of BB even... Group permissions haven't
caused any issues anyway :)
Thanks for your suggestion, but I have other processes that rely on the
adm group having access to the log files, and I don't want to make them
world readable.
Sorry, didn't read all your message closely enough.
The very short problem is:
1) I am a user with a supplemental group (adm)
2) I have a file with my supplemental group (adm) which is group readable
3) I can't read the file
I understand permissions, groups, etc very well, I understand logrotate
and it's config files, but I am stumped as to why this isn't working....
Did you restart the hobbit client process after you changed the group
membership of the hobbit user?