reading /var/log/* as user

sw · 2009-07-15 20:53:55

Ok, I feel a bit silly for asking this . Why can't I read /var/log/auth.log (and other logs) files as a user? I'm a member of adm and log groups, and have logged out/in again. I can only read logs while sudoing. What haven't I done?

If I 'chmod +r' it, it will get reset on the next reboot. It seems to reset it after running rc.local, as putting the chmod in there doesn't work.

Thanks!

brisbin33 · 2009-07-15 21:06:22

do ls -l on /var/log and see which logs are available to the group log (not all are). also see what permissions are set for said logs.

in my case:

> ll /var/log/auth.log
-rw-r----- 1 root log 22K 2009-07-15 16:59 /var/log/auth.log

so, /var/log/auth.log is root:log and permissions are 640 (readable by group, log). i didn't do anything special to achieve this so i don't know why yours is different

sw · 2009-07-15 21:13:50

$ ls -l /var/log
total 4420
drwxr-xr-x 2 root root     4096 2009-07-11 13:57 ConsoleKit
-rw-r--r-- 1 root users   37142 2009-07-15 20:44 Xorg.0.log
-rw-r--r-- 1 root users   37822 2009-07-15 07:38 Xorg.0.log.old
-rw-r----- 1 root root    66392 2009-07-15 21:41 auth.log
-rw-r--r-- 1 root root    64308 2009-07-12 16:01 bootchart.tgz
-rw------- 1 root root        0 2009-07-11 13:11 btmp
-rw-r--r-- 1 root root     3698 2009-07-15 22:01 crond
-rw-r----- 1 root root   376571 2009-07-15 20:44 daemon.log
-rw-r--r-- 1 root root    22467 2009-07-15 20:44 dmesg.log
-rw-r----- 1 root root    10797 2009-07-15 21:14 errors.log
-rw-r----- 1 root root  1491246 2009-07-15 22:01 everything.log
-rw------- 1 root root    32032 2009-07-11 19:48 faillog
-rw-r----- 1 root root  1104476 2009-07-15 21:23 kernel.log
-rw-r--r-- 1 root root   292292 2009-07-11 19:48 lastlog
-rw-r----- 1 root root   795608 2009-07-15 22:01 messages.log
drwxr-xr-x 2 root root     4096 2009-06-07 20:37 old
-rw-r--r-- 1 root root    41941 2009-07-14 21:29 pacman.log
drwxr-xr-x 2 root root     4096 2009-06-24 14:19 samba
-rw-r--r-- 1 root root    44404 2009-07-15 20:44 soundon.log
-rw-r----- 1 root root     4940 2009-07-15 20:44 syslog.log
-rw-r----- 1 root root     4900 2009-07-15 20:44 user.log
-rw-r--r-- 1 root root   304896 2009-07-15 20:44 wtmp

So mine aren't owned by the log group. I will try changing the group. But I suspect it may get reset when rebooting. I'll give it a go. Cheers!

sw · 2009-07-15 21:19:58

It seems to work fine after reboot! thanks!

One last question, are all your log files owned by group log? Thanks again

Edit: Actually this doesn't matter too much as auth.log is all I care about. I'll put 'chown root:log /var/log/auth.log' into local.rc so when the log files are rotated the new auth.log will be owned by log. Actually do files get rotated at boot, or any old time when they start getting big? I might have to cron it.

I wonder why were mine not owned by log in the first place, it's like this on both my boxes. O well, thanks for the help brisbin!

Last edited by sw (2009-07-15 21:47:23)

fukawi2 · 2009-07-15 22:46:28

sw wrote:

I'll put 'chown root:log /var/log/auth.log' into local.rc so when the log files are rotated the new auth.log will be owned by log.

Ick. Nasty hack.

Put this in /etc/logrotate.conf

create 640 root log

sw · 2009-07-16 06:26:39

ah, I didn't know about that. That's much better. Thanks!

Last edited by sw (2009-07-16 06:26:51)

Arch Linux

#1 2009-07-15 20:53:55

reading /var/log/* as user

#2 2009-07-15 21:06:22

Re: reading /var/log/* as user

#3 2009-07-15 21:13:50

Re: reading /var/log/* as user

#4 2009-07-15 21:19:58

Re: reading /var/log/* as user

#5 2009-07-15 22:46:28

Re: reading /var/log/* as user

#6 2009-07-16 06:26:39

Re: reading /var/log/* as user

Board footer