Project

General

Profile

Bug #19232

Fix /var/log/foreman/ permissions

Added by Sean O'Keeffe over 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Packaging
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

/var/log/foreman/production.log is world readable but /var/log/foreman/ isn't world executable I cannot read it. We should make these consistent.

I suggest making /var/log/foreman/production.log not world readable.

[vagrant@centos7-katello-3-3 ~]$ sudo ls ld /var/log/foreman/
drwxr-x--
. 3 foreman foreman 4096 Apr 7 10:40 /var/log/foreman/
[vagrant@centos7-katello-3-3 ~]$ sudo ls l /var/log/foreman/production.log
-rw-r--r-
. 1 foreman foreman 73200 Apr 10 08:15 /var/log/foreman/production.log
[vagrant@centos7-katello-3-3 ~]$ tail /var/log/foreman/production.log
tail: cannot open ‘/var/log/foreman/production.log’ for reading: Permission denied

Also available in: Atom PDF