You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Jeff Gullett (JIRA)" <ji...@apache.org> on 2018/01/30 22:41:00 UTC
[jira] [Created] (LOG4J2-2238) Insufficient Permissions Error when
Rolling Log Files
Jeff Gullett created LOG4J2-2238:
------------------------------------
Summary: Insufficient Permissions Error when Rolling Log Files
Key: LOG4J2-2238
URL: https://issues.apache.org/jira/browse/LOG4J2-2238
Project: Log4j 2
Issue Type: Bug
Components: Appenders
Affects Versions: 2.9.1
Environment: CentOS 6.6 (32-bit)
Java 8u151 (32-bit)
Reporter: Jeff Gullett
Fix For: 2.11.0
I have an application utilizing Log4j2 using a rolling file appender. Within each appender, I set the log file permissions using the new "filePermissions" attribute to be 644 (rw-r--r--). If I run my application as "root", then try to run as any other user, I receive an error with the text:
ERROR RollingFileManager (/var/log/myApp/Info.log) java.io.FileNotFoundException: /var/log/myApp/Info.log (Permission denied) java.io.FileNotFoundException: var/log.myApp/Info.log (Permission denied)
at java.io.FileOutputStream.open0 (Native Method)
at java.io.FileOutputStream.open(FileOutputStream.java:270)
at java.io.FileOutputStream.<init>(FileOutputStream.java:213)
at java.io.FileOutputStream.<init>(FileOutputStream.java:133)
at ...appender.rolling.RollingFileManager$RollingFileManagerFactory.createManager(RollingFileManager.java:640)
at ...appender.rolling.RollingFileManager$RollingFileManagerFactory.createManager(RollingFileManager.java:608)
at ...appender.AbstractManager.getManager(AbstractManager.java:113)
at ...appender.OutputStreamManager.getManager(OutputStreamManager.java:188)
...
My configuration file is like the following:
<?xml version="1.0" encoding="utf-8"?>
<Configuration>
<Appenders>
<RollingFile name="InfoLog" fileName="/var/log/myApp/Info.log" filePattern="/var/log/myApp/Info%d\{yyyy-MM-dd}.%i.log" filePermissions="rw-r-r-">
<Policies>
<OnStartupTriggeringPolicy />
<TimeBasedTriggeringPolicy modulate="true" />
<SizeBasedTriggeringPolicy size="16MB" />
</Policies>
<DefaultRolloverStrategy max="9999">
<Delete basePath="/var/log/myApp">
<IfLastModified age="365d" />
</Delete>
</DefaultRolloverStrategy>
</RollingFile>
</Appenders>
<Loggers>
<Rool level="debug">
<AppenderRef ref="InfoLog" level="info" />
</Root>
</Loggers>
</Configuration>
I have verified that the permissions on "/var/log/myApp" are 777 (rwxrwxrwx). I have also verified that as a non-root user, I am able to move an existing log file (e.g., "mv Info.log Info_Archive.log" works when running as non-root user, even though running my application as that user results in the aforementioned error). My expectation is that the file would be moved, a new file created, then the output stream opened. However, it appears from the error that the output stream is opened, then the log file renamed, and finally a new log file created and opened. This issue is preventing me from assigning 777 permissions to all log files, but I don't want to give all users full permission to my log files.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)