Ubuntu

why can't change /var/log/messages property?

Asked by Leo Tsai

Hi, guys.

I want to monitor my Ubuntu Server 8.10 with Big Brother.
Big Brother need to read /var/log/messages, but the /var/log/messages is 640 (-rw-r-----).
It can't be reade by Bog Brother. I have set "chomd 644 /var/log/messages".
A few days later, I checked the /var/log/messages is 640.
How can I do ?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Steve McGrath (smcgrath23) said : 		#1

This is because of logrotate creating a new log file and renaming the old one to messages.1, messages.2.gz, etc. There are two solutions I can think of:

Add whatever user Big Brother runs as too the 'adm' group which has permission to view the logs, with the following command:
sudo gpasswd -a <username> adm
Where <username> is the user that Big Brother is running as.

-OR-

Edit the file /etc/logrotate.d/rsyslog to create /var/log/messages with different permissions:
Find the section that looks like this:

/var/log/messages
{
 rotate 4
 weekly
 missingok
 notifempty
 compress
 delaycompress
 sharedscripts
 postrotate
  reload rsyslog >/dev/null 2>&1 || true
 endscript
}
and change it like so:
{
 rotate 4
 weekly
 create 0644 syslog adm
        missingok
 notifempty
 compress
 delaycompress
 sharedscripts
 postrotate
  reload rsyslog >/dev/null 2>&1 || true
 endscript
}

That will cause logrotate to create the file with the permissions you want.

Can you help with this problem?

Provide an answer of your own, or ask Leo Tsai for more information if necessary.

To post a message you must log in.