Re: Log file permissions?

Alvaro Herrera wrote:
> Vivek Khera wrote:
>
>> On Jan 31, 2008, at 10:21 AM, Alvaro Herrera wrote:
>>
>>
>>> I think you should be able to chmod the files after they have been
>>> created. The postmaster changes its umask to 0077, so no file is
>>> group-readable. I don't think is configurable either.
>>>
>> just move the logs into a subdir which has permissions applied to it,
>> then not worry about the files inside, since nobody can break through
>> the directory anyhow.
>>
>
> That doesn't work because the files won't be readable by anyone but the
> postgres user.
>
>
You could just write a cron job that periodically goes to the log
directory and changes the permissions on the existing log files to allow
reading by whatever group owns the log files, then make nagios a member
of that group. Even if the log file is currently in use, once you
change the permissions, they should stick. Of course, there would be a
permission change lag between the time the log file switch occurs and
the cron job runs...

As to Alvaro's recommendation of having a setting to change the log
group, I think another idea would be to have a 'log_rotate_script'
setting...thus allowing a script to be called with the log file name
after a log file is rotated. In such a case one could archive off
existing files, and since the switch to a new log file had already
occurred, also change permissions, etc if needed.

--
Chander Ganesan
The Open Technology Group
One Copley Parkway, Suite 210
Morrisville, NC 27560
Phone: 877-258-8987/919-463-0999
http://www.otg-nc.com