Permissions on logs ...

Permissions on logs ...

Post by Theodore TOUR » Sun, 23 Jun 2002 23:19:48



On Sat, 22 Jun 2002 09:28:50 +0000


> Hi,
> I 'caught' one of my users checking out sendmail's logs (hence the X-post,
> my apologies if it's not appropriate) the other day, so ran a chmod 700 on
> /var/log/maillog*.  

> This morning, I note that ...

>    lievre# ls -l /var/log/maillog*
>    -rw-r--r--  1 root  wheel  15401 Jun 22 09:08 /var/log/maillog
>    -rwx------  1 root  wheel   9747 Jun 22 00:00 /var/log/maillog.0.gz
>    -rw-r--r--  1 root  wheel  15256 Jun 21 00:00 /var/log/maillog.1.gz
>    -rw-r--r--  1 root  wheel  15829 Jun 20 00:00 /var/log/maillog.2.gz
>    -rw-r--r--  1 root  wheel  20758 Jun 19 00:00 /var/log/maillog.3.gz
>    -rw-r--r--  1 root  wheel   4854 Jun 18 00:00 /var/log/maillog.4.gz
>    -rw-r--r--  1 root  wheel   2679 Jun 17 00:00 /var/log/maillog.5.gz
>    -rw-r--r--  1 root  wheel   3631 Jun 16 00:00 /var/log/maillog.6.gz
>    -rw-r--r--  1 root  wheel   3172 Jun 15 00:00 /var/log/maillog.7.gz

> No doubt effected when lievre turned over the logs.

> Two questions, if I may : one, does either (or both) FreeBSD or sendmail
> _need_ the logs to have these permissions, and if not, how can I prevent
> the system from changing them from 700 ?

> Thanks.  

> --
> Desmond Coughlan      |CUNT#1 YGL#4 YFC#1 YFB#1 UKRMMA#14 two#38
> Yamaha FJR1300        |BONY#48 ANORAK#11

> http: // www . zeouane . org

vi /etc/newsyslog.conf
there is all what you need there.

--
toury_t [G.O.B.I.E.] project
Graphic OpenBSD Installation Engine
http://www.gobie.net

 
 
 

Permissions on logs ...

Post by Conrad Sabatie » Sun, 23 Jun 2002 21:22:30




Quote:>Hi,
>I 'caught' one of my users checking out sendmail's logs (hence the X-post,
>my apologies if it's not appropriate) the other day, so ran a chmod 700 on
>/var/log/maillog*.  

>This morning, I note that ...

>    lievre# ls -l /var/log/maillog*
>    -rw-r--r--  1 root  wheel  15401 Jun 22 09:08 /var/log/maillog
>    -rwx------  1 root  wheel   9747 Jun 22 00:00 /var/log/maillog.0.gz
>    -rw-r--r--  1 root  wheel  15256 Jun 21 00:00 /var/log/maillog.1.gz
>    -rw-r--r--  1 root  wheel  15829 Jun 20 00:00 /var/log/maillog.2.gz
>    -rw-r--r--  1 root  wheel  20758 Jun 19 00:00 /var/log/maillog.3.gz
>    -rw-r--r--  1 root  wheel   4854 Jun 18 00:00 /var/log/maillog.4.gz
>    -rw-r--r--  1 root  wheel   2679 Jun 17 00:00 /var/log/maillog.5.gz
>    -rw-r--r--  1 root  wheel   3631 Jun 16 00:00 /var/log/maillog.6.gz
>    -rw-r--r--  1 root  wheel   3172 Jun 15 00:00 /var/log/maillog.7.gz

>No doubt effected when lievre turned over the logs.

>Two questions, if I may : one, does either (or both) FreeBSD or sendmail
>_need_ the logs to have these permissions, and if not, how can I prevent
>the system from changing them from 700 ?

I'm not sure if sendmail absolutely *must* have these permissions
(probably not).  You can change them in /etc/syslog.conf and
/etc/newsyslog.conf.

--