You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by stevethames <st...@softlife.com> on 2007/03/02 17:06:55 UTC
log4j, fileappender, owner, group, and umask
I am using tomcat as a servlet server used by a mod_perl application running
under apache. I have setup log4j and log4perl to that both tomcat and the
Perl app can use the same log files. This all works fine.
The problem I'm having is when tomcat creates the log file. Does anyone
know how to set the log file owner, group, and permissions when FileAppender
creates the log file?
--
View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] log4j, fileappender, owner, group, and umask
Posted by stevethames <st...@softlife.com>.
Here's the thing about umask.
In the Unix file system, file permissions is an octal value with one digit
for each user type. When using chmod, these permissions can be set directly
and do not require a leading zero.
chmod 664 file
Each digit represents a user class and each bit within the digit represents
a permission.
Digits are from left to right. Values are shown:
Digit 0 (6) = User (Owner)
Digit 1 (6) = Group
Digit 2 (4) = Others
Bits within each digit are from right to left. Values for each digit are
shown.
Bit 0 (0,0,0) = Execute
Bit 1 (1,1,0) = Write
Bit 2 (1,1,1) = Read
The chmod command, above, sets the permissions to rw for the owner (user),
rw for the group, and r for all others. In symbolic form, this would be
chmod u=rw,g=rw,o=r
The confusing thing about umask is that, in octal form, the value represents
a bit mask--not a bit value as shown above. Therefore, it does not set a
bit value but masks a bit value from being set. In addition, the octal
umask value has no effect on the execute permission bit. This must be set
using chmod.
Examples:
umask 0222 says "turn off write permissions for all user classes and allow
only read."
umask 0044 says "Allow read/write for the owner but allow only write for
group/others."
umask 0066 says "Allow read/write for the owner and no access for
group/others."
Its confusing because we're used to using chmod nnn and umask 0nnn is
bass-akwards from that.
I hope this is helpful.
Daniel Stephens wrote:
>
> Ok cool.. I just had a round with our umask and groups being setup
> incorrectly. just a mess.
>
> On 3/6/07, stevethames <st...@softlife.com> wrote:
>>
>>
>> Thanks for the input, Dan.
>>
>> Actually, I am aware of how permissions. The question is how to set
>> permissions, owner, group on a log file created by FileAppender when it
>> actually creates the log file.
>>
>> For the moment, I have solved the problem by using a separate log file
>> for
>> tomcat.
>>
>> Daniel Stephens wrote:
>> >
>> > If they are all the same group, then I would suggest just setting the
>> > umask
>> > to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100%
>> > sure
>> > of all the down falls here. I do know that 022 will work I've done some
>> > things with my source code, and others in my group not able to "write"
>> to
>> > it, but they needed to. I'm attaching this link, so you can check out
>> some
>> > of that settings. Sorry if your already familiar with these Admin
>> > concepts..
>> >
>> >
>> > http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html
>> >
>> > On 3/2/07, stevethames <st...@softlife.com> wrote:
>> >>
>> >>
>> >> Hi Dan. Thanks for responding.
>> >>
>> >> Yes, that's true, the file is owned by the tomcat user. My mod_perl
>> >> stuff
>> >> runs under "apache" (the httpd user) and I have some Perl daemons that
>> >> run
>> >> as root. In Perl, using log4perl, I can set the owner, group, and
>> umask
>> >> of
>> >> the log file for file creation. I have a reason for keeping the user
>> IDs
>> >> (apache, tomcat, root) as they are. So, what I've done is made them
>> all
>> >> part of the same group. Its the group and group permissions I need to
>> >> set
>> >> on the log file using FileAppender.
>> >>
>> >> Any thoughts?
>> >>
>> >>
>> >> Daniel Stephens wrote:
>> >> >
>> >> > I would think if your using Tomcat as the Servlet container, The
>> file
>> >> > itself
>> >> > would be owned by the account running Tomcat. Is this not the case?
>> >> >
>> >> > On 3/2/07, stevethames <st...@softlife.com> wrote:
>> >> >>
>> >> >>
>> >> >> I am using tomcat as a servlet server used by a mod_perl
>> application
>> >> >> running
>> >> >> under apache. I have setup log4j and log4perl to that both tomcat
>> and
>> >> >> the
>> >> >> Perl app can use the same log files. This all works fine.
>> >> >>
>> >> >> The problem I'm having is when tomcat creates the log file. Does
>> >> anyone
>> >> >> know how to set the log file owner, group, and permissions when
>> >> >> FileAppender
>> >> >> creates the log file?
>> >> >> --
>> >> >> View this message in context:
>> >> >>
>> >>
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
>> >> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
>> >> >>
>> >> >>
>> >> >>
>> ---------------------------------------------------------------------
>> >> >> To start a new topic, e-mail: users@tomcat.apache.org
>> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733
>> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To start a new topic, e-mail: users@tomcat.apache.org
>> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296
>> Sent from the Tomcat - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
--
View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9343742
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] log4j, fileappender, owner, group, and umask
Posted by Daniel Stephens <da...@gmail.com>.
Ok cool.. I just had a round with our umask and groups being setup
incorrectly. just a mess.
On 3/6/07, stevethames <st...@softlife.com> wrote:
>
>
> Thanks for the input, Dan.
>
> Actually, I am aware of how permissions. The question is how to set
> permissions, owner, group on a log file created by FileAppender when it
> actually creates the log file.
>
> For the moment, I have solved the problem by using a separate log file for
> tomcat.
>
> Daniel Stephens wrote:
> >
> > If they are all the same group, then I would suggest just setting the
> > umask
> > to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100%
> > sure
> > of all the down falls here. I do know that 022 will work I've done some
> > things with my source code, and others in my group not able to "write"
> to
> > it, but they needed to. I'm attaching this link, so you can check out
> some
> > of that settings. Sorry if your already familiar with these Admin
> > concepts..
> >
> >
> > http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html
> >
> > On 3/2/07, stevethames <st...@softlife.com> wrote:
> >>
> >>
> >> Hi Dan. Thanks for responding.
> >>
> >> Yes, that's true, the file is owned by the tomcat user. My mod_perl
> >> stuff
> >> runs under "apache" (the httpd user) and I have some Perl daemons that
> >> run
> >> as root. In Perl, using log4perl, I can set the owner, group, and
> umask
> >> of
> >> the log file for file creation. I have a reason for keeping the user
> IDs
> >> (apache, tomcat, root) as they are. So, what I've done is made them
> all
> >> part of the same group. Its the group and group permissions I need to
> >> set
> >> on the log file using FileAppender.
> >>
> >> Any thoughts?
> >>
> >>
> >> Daniel Stephens wrote:
> >> >
> >> > I would think if your using Tomcat as the Servlet container, The file
> >> > itself
> >> > would be owned by the account running Tomcat. Is this not the case?
> >> >
> >> > On 3/2/07, stevethames <st...@softlife.com> wrote:
> >> >>
> >> >>
> >> >> I am using tomcat as a servlet server used by a mod_perl application
> >> >> running
> >> >> under apache. I have setup log4j and log4perl to that both tomcat
> and
> >> >> the
> >> >> Perl app can use the same log files. This all works fine.
> >> >>
> >> >> The problem I'm having is when tomcat creates the log file. Does
> >> anyone
> >> >> know how to set the log file owner, group, and permissions when
> >> >> FileAppender
> >> >> creates the log file?
> >> >> --
> >> >> View this message in context:
> >> >>
> >>
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
> >> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
> >> >>
> >> >>
> >> >>
> ---------------------------------------------------------------------
> >> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >> >>
> >> >>
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733
> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296
> Sent from the Tomcat - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: [OT] log4j, fileappender, owner, group, and umask
Posted by stevethames <st...@softlife.com>.
Thanks for the input, Dan.
Actually, I am aware of how permissions. The question is how to set
permissions, owner, group on a log file created by FileAppender when it
actually creates the log file.
For the moment, I have solved the problem by using a separate log file for
tomcat.
Daniel Stephens wrote:
>
> If they are all the same group, then I would suggest just setting the
> umask
> to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100%
> sure
> of all the down falls here. I do know that 022 will work I've done some
> things with my source code, and others in my group not able to "write" to
> it, but they needed to. I'm attaching this link, so you can check out some
> of that settings. Sorry if your already familiar with these Admin
> concepts..
>
>
> http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html
>
> On 3/2/07, stevethames <st...@softlife.com> wrote:
>>
>>
>> Hi Dan. Thanks for responding.
>>
>> Yes, that's true, the file is owned by the tomcat user. My mod_perl
>> stuff
>> runs under "apache" (the httpd user) and I have some Perl daemons that
>> run
>> as root. In Perl, using log4perl, I can set the owner, group, and umask
>> of
>> the log file for file creation. I have a reason for keeping the user IDs
>> (apache, tomcat, root) as they are. So, what I've done is made them all
>> part of the same group. Its the group and group permissions I need to
>> set
>> on the log file using FileAppender.
>>
>> Any thoughts?
>>
>>
>> Daniel Stephens wrote:
>> >
>> > I would think if your using Tomcat as the Servlet container, The file
>> > itself
>> > would be owned by the account running Tomcat. Is this not the case?
>> >
>> > On 3/2/07, stevethames <st...@softlife.com> wrote:
>> >>
>> >>
>> >> I am using tomcat as a servlet server used by a mod_perl application
>> >> running
>> >> under apache. I have setup log4j and log4perl to that both tomcat and
>> >> the
>> >> Perl app can use the same log files. This all works fine.
>> >>
>> >> The problem I'm having is when tomcat creates the log file. Does
>> anyone
>> >> know how to set the log file owner, group, and permissions when
>> >> FileAppender
>> >> creates the log file?
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
>> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To start a new topic, e-mail: users@tomcat.apache.org
>> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> >> For additional commands, e-mail: users-help@tomcat.apache.org
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733
>> Sent from the Tomcat - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
--
View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9335296
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] log4j, fileappender, owner, group, and umask
Posted by Daniel Stephens <da...@gmail.com>.
If they are all the same group, then I would suggest just setting the umask
to 022 or 027.. But let me say I'm not a Unix admin and I'm not a 100% sure
of all the down falls here. I do know that 022 will work I've done some
things with my source code, and others in my group not able to "write" to
it, but they needed to. I'm attaching this link, so you can check out some
of that settings. Sorry if your already familiar with these Admin concepts..
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html
On 3/2/07, stevethames <st...@softlife.com> wrote:
>
>
> Hi Dan. Thanks for responding.
>
> Yes, that's true, the file is owned by the tomcat user. My mod_perl stuff
> runs under "apache" (the httpd user) and I have some Perl daemons that run
> as root. In Perl, using log4perl, I can set the owner, group, and umask
> of
> the log file for file creation. I have a reason for keeping the user IDs
> (apache, tomcat, root) as they are. So, what I've done is made them all
> part of the same group. Its the group and group permissions I need to set
> on the log file using FileAppender.
>
> Any thoughts?
>
>
> Daniel Stephens wrote:
> >
> > I would think if your using Tomcat as the Servlet container, The file
> > itself
> > would be owned by the account running Tomcat. Is this not the case?
> >
> > On 3/2/07, stevethames <st...@softlife.com> wrote:
> >>
> >>
> >> I am using tomcat as a servlet server used by a mod_perl application
> >> running
> >> under apache. I have setup log4j and log4perl to that both tomcat and
> >> the
> >> Perl app can use the same log files. This all works fine.
> >>
> >> The problem I'm having is when tomcat creates the log file. Does
> anyone
> >> know how to set the log file owner, group, and permissions when
> >> FileAppender
> >> creates the log file?
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
> >> Sent from the Tomcat - User mailing list archive at Nabble.com.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733
> Sent from the Tomcat - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: [OT] log4j, fileappender, owner, group, and umask
Posted by stevethames <st...@softlife.com>.
Hi Dan. Thanks for responding.
Yes, that's true, the file is owned by the tomcat user. My mod_perl stuff
runs under "apache" (the httpd user) and I have some Perl daemons that run
as root. In Perl, using log4perl, I can set the owner, group, and umask of
the log file for file creation. I have a reason for keeping the user IDs
(apache, tomcat, root) as they are. So, what I've done is made them all
part of the same group. Its the group and group permissions I need to set
on the log file using FileAppender.
Any thoughts?
Daniel Stephens wrote:
>
> I would think if your using Tomcat as the Servlet container, The file
> itself
> would be owned by the account running Tomcat. Is this not the case?
>
> On 3/2/07, stevethames <st...@softlife.com> wrote:
>>
>>
>> I am using tomcat as a servlet server used by a mod_perl application
>> running
>> under apache. I have setup log4j and log4perl to that both tomcat and
>> the
>> Perl app can use the same log files. This all works fine.
>>
>> The problem I'm having is when tomcat creates the log file. Does anyone
>> know how to set the log file owner, group, and permissions when
>> FileAppender
>> creates the log file?
>> --
>> View this message in context:
>> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
>> Sent from the Tomcat - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
--
View this message in context: http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9274733
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: log4j, fileappender, owner, group, and umask
Posted by Daniel Stephens <da...@gmail.com>.
I would think if your using Tomcat as the Servlet container, The file itself
would be owned by the account running Tomcat. Is this not the case?
On 3/2/07, stevethames <st...@softlife.com> wrote:
>
>
> I am using tomcat as a servlet server used by a mod_perl application
> running
> under apache. I have setup log4j and log4perl to that both tomcat and the
> Perl app can use the same log files. This all works fine.
>
> The problem I'm having is when tomcat creates the log file. Does anyone
> know how to set the log file owner, group, and permissions when
> FileAppender
> creates the log file?
> --
> View this message in context:
> http://www.nabble.com/log4j%2C-fileappender%2C-owner%2C-group%2C-and-umask-tf3334405.html#a9272184
> Sent from the Tomcat - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>