You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
On a regular basis our BigFix and Nessus security scans flag a couple of PS log file for to open permission settings:
/var/log/pscheduler/pscheduler.log = 0644
/var/log/perfsonar/owamp.log = 0664
Both with “perfsonar:adm” user/group settings.
I have temporarily changed both to 0640 and left the user:group unchanged. This seems to work and I do not see any issues with logging or perfSONAR functionality. However, as these settings are part of the logrotate function under /etc/logrotate.d for:
pscheduler-server and perfsonar-toolkit-systemenv-testpoint these get reset for every log rotation.
Can you see an issue with me altering the log rotate settings for future log file permissions to be set to remove “r” for other? Both set to 0640?
The text was updated successfully, but these errors were encountered:
On a regular basis our BigFix and Nessus security scans flag a couple of PS log file for to open permission settings:
/var/log/pscheduler/pscheduler.log = 0644
/var/log/perfsonar/owamp.log = 0664
Both with “perfsonar:adm” user/group settings.
I have temporarily changed both to 0640 and left the user:group unchanged. This seems to work and I do not see any issues with logging or perfSONAR functionality. However, as these settings are part of the logrotate function under /etc/logrotate.d for:
pscheduler-server and perfsonar-toolkit-systemenv-testpoint these get reset for every log rotation.
Can you see an issue with me altering the log rotate settings for future log file permissions to be set to remove “r” for other? Both set to 0640?
The text was updated successfully, but these errors were encountered: