So (user) hobbit is in group adm
ll shows the file is owned by group adm
(user) hobbit can not read the file?
Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373
On Tue, Mar 29, 2011 at 1:00 AM, Adam Goryachev <adam at websitemanagers.com.au
wrote:
On 29/03/2011 3:40 PM, David Baldwin wrote:
On 29/03/11 3:34 PM, Adam Goryachev wrote:
On 29/03/2011 3:09 PM, David Baldwin wrote:
Finally, here is all the info I can see on the file: hobbit at host:/var/log$ stat /var/log/messages File: `/var/log/messages' Size: 21353 Blocks: 48 IO Block: 1048576 regular file Device: eh/14d Inode: 4202796 Links: 1 Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 4/ adm) Access: 2011-03-28 20:21:00.000000000 +1100 Modify: 2011-03-29 13:27:00.000000000 +1100 Change: 2011-03-29 13:27:00.000000000 +1100
I'm running a fairly standard Debian lenny
The root user has no problem reading/writing the file/etc....
Any pointers would be appreciated.... My solution to this one is to modify /etc/logrotate.d/syslog and change group permissions on the file in question. A better solution might be to use ACLs, but I tried that once and ran into an issue where '-r' test didn't respect ACLs when checking it could read the log file! That may have been back in the days of BB even... Group permissions haven't caused any issues anyway :) Thanks for your suggestion, but I have other processes that rely on the adm group having access to the log files, and I don't want to make them world readable.
Sorry, didn't read all your message closely enough.
The very short problem is:
- I am a user with a supplemental group (adm)
- I have a file with my supplemental group (adm) which is group readable
- I can't read the file
I understand permissions, groups, etc very well, I understand logrotate and it's config files, but I am stumped as to why this isn't working.... Did you restart the hobbit client process after you changed the group membership of the hobbit user? Yes, this problem has been around for a while, I've rebooted the system a number of times as well....
Regards, Adam
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon