The user wants to change the default permissions of the log file /var/log/messages to make it world-writeable. How can this be done using rsyslog?
Solution
The /etc/syslog.conf file is the configuration file for the syslogd daemon that tells the daemon where to send the log entries it receives. $FileCreateMode and $umask are the two relevant directives defined the the sryslog configuration file that can be utilized as many times as needed to configure permissions on rsyslog-created log files.
The default values of these parameter are:
- $FileCreateMode 0644
- $umask 0077
If the $umask directives are not present in a rsyslog configuration, all files will be created with 600 permissions, i.e. rw——-, regardless of the use of any $FileCreateMode directives.
Making /var/log/messages file world-writable
To make a log file world-readable, simply add a $umask 0022 directive immediately before the rule that creates the log file (and be sure to reset the umask after that rule). For example:
$umask 0022 # FileCreationMode defaults to 644, so does not need to be modified # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages $umask 0077 # Reset the umask so /var/log/secure stays 600 # The authpriv file has restricted access. authpriv.* /var/log/secure
Troubleshooting
For simplicity’s sake, $umask can be completely ignored and file-permissions can be controlled entirely by the usage of $FileCreateMode. To go this route, set $umask 0000 at the beginning of rsyslog.conf and then use $FileCreateMode as required. If $umask is specified multiple times in the configuration file, results may be unpredictable. It is recommended to specify it only once.
