[Gluster-devel] [Gluster-users] Permission for glusterfs logs.

Marcin Dulak marcin.dulak at gmail.com
Thu Sep 21 07:09:39 UTC 2017


Who is rotating the logs? If logrotate then setfacl may be the way to go
https://bugzilla.redhat.com/show_bug.cgi?id=666677

[root at centos7 ~]# touch /var/log/my.log
[root at centos7 ~]# ls -al /var/log/my.log
-rw-r--r--. 1 root root 0 Sep 21 07:01 /var/log/my.log
[root at centos7 ~]# chmod 600 /var/log/my.log
[root at centos7 ~]# sudo su - vagrant
Last login: Thu Sep 21 07:01:36 UTC 2017 from 10.0.2.2 on pts/0
[vagrant at centos7 ~]$ cat /var/log/my.log
cat: /var/log/my.log: Permission denied
[vagrant at centos7 ~]$ exit
logout
[root at centos7 ~]# setfacl -m u:vagrant:r /var/log/my.log
[root at centos7 ~]# sudo su - vagrant
Last login: Thu Sep 21 07:03:05 UTC 2017 on pts/0
[vagrant at centos7 ~]$ cat /var/log/my.log
[vagrant at localhost ~]$ getfacl /var/log/my.log
getfacl: Removing leading '/' from absolute path names
# file: var/log/my.log
# owner: root
# group: root
user::rw-
user:vagrant:r--
group::---
mask::r--
other::---

Marcin


On Wed, Sep 20, 2017 at 2:07 PM, ABHISHEK PALIWAL <abhishpaliwal at gmail.com>
wrote:

> I have modified the source code and its working fine but only below two
> files permission is not getting change even after modification.
>
> 1. cli.log
> 2. file which contains the mounting information for "mount -t glusterfs"
> command
>
> On Wed, Sep 20, 2017 at 5:20 PM, Kaleb S. KEITHLEY <kkeithle at redhat.com>
> wrote:
>
>> On 09/18/2017 09:22 PM, ABHISHEK PALIWAL wrote:
>> > Any suggestion would be appreciated...
>> >
>> > On Sep 18, 2017 15:05, "ABHISHEK PALIWAL" <abhishpaliwal at gmail.com
>> > <mailto:abhishpaliwal at gmail.com>> wrote:
>> >
>> >     Any quick suggestion.....?
>> >
>> >     On Mon, Sep 18, 2017 at 1:50 PM, ABHISHEK PALIWAL
>> >     <abhishpaliwal at gmail.com <mailto:abhishpaliwal at gmail.com>> wrote:
>> >
>> >         Hi Team,
>> >
>> >         As you can see permission for the glusterfs logs in
>> >         /var/log/glusterfs is 600.
>> >
>> >         drwxr-xr-x 3 root root  140 Jan  1 00:00 ..
>> >         *-rw------- 1 root root    0 Jan  3 20:21 cmd_history.log*
>> >         drwxr-xr-x 2 root root   40 Jan  3 20:21 bricks
>> >         drwxr-xr-x 3 root root  100 Jan  3 20:21 .
>> >         *-rw------- 1 root root 2102 Jan  3 20:21
>> >         etc-glusterfs-glusterd.vol.log*
>> >
>> >         Due to that non-root user is not able to access these logs
>> >         files, could you please let me know how can I change these
>> >         permission. So that non-root user can also access these log
>> files.
>> >
>>
>> There is no "quick fix."  Gluster creates the log files with 0600 — like
>> nearly everything else in /var/log.
>>
>> The admin can chmod the files, but when the logs rotate the new log
>> files will be 0600 again.
>>
>> You'd have to patch the source and rebuild to get different permission
>> bits.
>>
>> You can probably do something with ACLs, but as above, when the logs
>> rotate the new files won't have the ACLs.
>>
>>
>>
>> --
>>
>> Kaleb
>>
>
>
>
> --
>
>
>
>
> Regards
> Abhishek Paliwal
>
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://lists.gluster.org/mailman/listinfo/gluster-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-devel/attachments/20170921/f1cc6d22/attachment.html>


More information about the Gluster-devel mailing list