[plug] log permissions and squid problem
Matt Kemner
zombie at wasp.net.au
Sun Nov 11 12:43:31 WST 2001
On Sun, 11 Nov 2001, Arkem wrote:
> Here's an idle question and a long problem. What is the recommended
> permissions for log files and /var/log/?
I usually set them to mode 640, chgrp'd to "admin" so the staff that need
to have access to the logs, do so.
> security risk but who should have the permission to read logs, do
> logs need execute permissions?
No they don't, but the directory they are in do - all directories need to
have execute permissions for a user, for that user to be able to access
any files in that directory.
> mornmist squid[5770]: Cannot open '/var/log/squid/access.log' for
> writing. ^IThe parent directory must be writeable by the ^Iuser
> 'proxy',
> It appears to me that squid is crashing because it can't write to the
> log files... but after a quick chmod of the log files (even changed
> the permissions to 666 and it didn't help) the problem wasn't solved
> and I'm all out of ideas.
The error is referring to the parent directory which the logs reside in,
not the logs themselves.
What are your permissions on /var/log/ and /var/log/squid?
/var/log/ should have at least mode 711 (owned by root), and
/var/log/squid should also have at least mode 711 (owned by proxy)
- Matt
More information about the plug
mailing list