top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Setting log file permissions upon creation?

+2 votes
491 views

Is there a way to force Tomcat to set permissions on log files when they’re created? It seems as though this would be something defined in the logging.properties file, but it doesn’t seem like it’s an option.

I want the permissions of all log files created (on server startup/log rollover) to be 640. The only way I can think of doing this is either adding the command to the startup script, or by running a cron job every hour or so. However, if there is a way to make sure the log files are never more permissive than 640, that would be greatly preferable.

posted Dec 17, 2013 by Seema Siddique

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+2 votes
 
Best answer
  1. Create a setenv.sh file in $CATALINA_BASE/bin.
  2. Add the following:
    #!/bin/bash
    umask 0026
answer Dec 17, 2013 by Dewang Chaudhary
Thanks,
Just a quick question - won't this make ALL files Tomcat creates the same permission? Instead of just the log files?
This is true, but shouldn't be a problem.

If you're running on a system that has ACL, then you could try the  following:
cd $CATALINA_BASE
setfacl -n -d -m u::rwx,g::rx,o::- logs

Read the setfacl / getfacl manual pages for more info. To restore (remove the access control lists), run the following:
cd $CATALINA_BASE
setfacl -b logs
Similar Questions
+1 vote

My development setup is Win7 while my production is RHEL6. Both of the environments have the same settings in conf/logging.properties but the files in logs/ are slightly different.

The access logs are named the same way. But on RHEL there's no tomcat7-stdout or tomcat7-stderr log files. Just 'catalina.out.YEAR.MO.DY' and the cumulative "catalina.out" with no date.

What accounts for the differences? Also, how would you stop logging to the 'catalina.out' file. It gets unusably gigantic within a few days.

+1 vote

I have a script-service running on a remote server, listening on a specific port. What i need here is to make this also maintain a log file of ALL incoming connections.

Could someone suggest to me a simple codefunction example to implement that on my main running service?

+1 vote

For my project I need to know that - is there a way to log or capture the cause of android reboot, whether user manually powered off / rebooted the devices or wether system_server got restarted by adb kill or it was watchdog who restarted the device.

+2 votes

My Apache server host few applications something like :

/var/www/A
/var/www/B

I would like to trace access for a specific application, eg. A. Is it possible?

Or should I use 'LogLevel info' and so log all applications into access.log file (then parsing for specific web page) ?

My config for logging is :

..
ErrorLog /var/log/apache2/error.log
LogLevel info
CustomLog /var/log/apache2/access.log combined
..
+1 vote

I have got a bash script that has two parts.
1. runs a script as a different user (using su -c )
2. when that part finishes, the script does a copy of the files created to another directory
I want to log the output of the entire script into one file. i.e.: internal script>external script> logfile
Whats the best way to do this?

...