You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by GitBox <gi...@apache.org> on 2021/06/30 19:42:19 UTC

[GitHub] [trafficserver] bneradt commented on issue #4729: logfile permissions

bneradt commented on issue #4729:
URL: https://github.com/apache/trafficserver/issues/4729#issuecomment-871677761


   The ATS chmod calls are actually a configurable feature. We have three separate records.config parameters for this:
   
   * [proxy.config.output.logfile_perm](https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html#proxy-config-output-logfile-perm)
   * [proxy.config.log.logfile_perm](https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html#proxy-config-log-logfile-perm)
   * [proxy.config.diags.logfile_perm](https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html#proxy-config-diags-logfile-perm)
   
   These each take a full Unix DAC specification (`rw-rw----`, e.g.). Between these three, you should be able to control all permission modifications on all log files written to by Traffic Server. I verified on one of our internal ATS boxes that this is the case for our set of log files. (Notice the documented comment about umask and how that limits what permissions ATS can set, however.) The permissions are changed upon the first write to a particular log file after the service comes up.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org