You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Jeff Gullett (JIRA)" <ji...@apache.org> on 2018/01/30 22:41:00 UTC

[jira] [Created] (LOG4J2-2238) Insufficient Permissions Error when Rolling Log Files

Jeff Gullett created LOG4J2-2238:
------------------------------------

             Summary: Insufficient Permissions Error when Rolling Log Files
                 Key: LOG4J2-2238
                 URL: https://issues.apache.org/jira/browse/LOG4J2-2238
             Project: Log4j 2
          Issue Type: Bug
          Components: Appenders
    Affects Versions: 2.9.1
         Environment: CentOS 6.6 (32-bit)
Java 8u151 (32-bit)
            Reporter: Jeff Gullett
             Fix For: 2.11.0


I have an application utilizing Log4j2 using a rolling file appender.  Within each appender, I set the log file permissions using the new "filePermissions" attribute to be 644 (rw-r--r--). If I run my application as "root", then try to run as any other user, I receive an error with the text:

ERROR RollingFileManager (/var/log/myApp/Info.log) java.io.FileNotFoundException: /var/log/myApp/Info.log (Permission denied) java.io.FileNotFoundException: var/log.myApp/Info.log (Permission denied)
        at java.io.FileOutputStream.open0 (Native Method)
        at java.io.FileOutputStream.open(FileOutputStream.java:270)
        at java.io.FileOutputStream.<init>(FileOutputStream.java:213)
        at java.io.FileOutputStream.<init>(FileOutputStream.java:133)
        at ...appender.rolling.RollingFileManager$RollingFileManagerFactory.createManager(RollingFileManager.java:640)
        at ...appender.rolling.RollingFileManager$RollingFileManagerFactory.createManager(RollingFileManager.java:608)
        at ...appender.AbstractManager.getManager(AbstractManager.java:113)
        at ...appender.OutputStreamManager.getManager(OutputStreamManager.java:188)
        ...

My configuration file is like the following:

<?xml version="1.0" encoding="utf-8"?>
<Configuration>
  <Appenders>
    <RollingFile name="InfoLog" fileName="/var/log/myApp/Info.log" filePattern="/var/log/myApp/Info%d\{yyyy-MM-dd}.%i.log" filePermissions="rw-r-r-">
      <Policies>
        <OnStartupTriggeringPolicy />
        <TimeBasedTriggeringPolicy modulate="true" />
        <SizeBasedTriggeringPolicy size="16MB" />
      </Policies>
      <DefaultRolloverStrategy max="9999">
        <Delete basePath="/var/log/myApp">
          <IfLastModified age="365d" />
        </Delete>
      </DefaultRolloverStrategy>
    </RollingFile>
  </Appenders>
  <Loggers>
    <Rool level="debug">
      <AppenderRef ref="InfoLog" level="info" />
    </Root>
  </Loggers>
</Configuration>

I have verified that the permissions on "/var/log/myApp" are 777 (rwxrwxrwx).  I have also verified that as a non-root user, I am able to move an existing log file (e.g., "mv Info.log Info_Archive.log" works when running as non-root user, even though running my application as that user results in the aforementioned error).  My expectation is that the file would be moved, a new file created, then the output stream opened.  However, it appears from the error that the output stream is opened, then the log file renamed, and finally a new log file created and opened.  This issue is preventing me from assigning 777 permissions to all log files, but I don't want to give all users full permission to my log files.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)