/var/log/messages default ownership
Hello
I found and article for rhel 4 & 5 on how to change the default ownership of /var/adm/messages, what is the equivilnent of this in redhat 7 ?
Had a look at the rsyslog.conf man page, but it does not seem to mention anything about file permissions
Regards
Miles
Responses
Guru
6827 points
Hi Miles,
I'll see what others say as well, but from my experience "/var/adm/messages" was where Oracle Solaris (previously known as Solaris by Sun Microsystems) has their messages file. In RHEL Linux for years, it is under /var/log/messages
One of the current Oracle Solaris systems (version 11) has /var/adm/messages with Octal permissions of 600 (rw-------) and ownership of root, with the group root
A couple of my RHEL Linux systems (a workstation and server) have /var/log/messages with the same permissions and ownership above. Also see this Red Hat solution https://access.redhat.com/solutions/39827 entitled "How to configure permissions of log files created by rsyslog ".
Community Member
39 points
Yep sorry that was my mistake, I meant /var/log/messages, /var/adm/messages is as you say solaris' location for the messages file.
And thankyou for the link, It seems to be exaclty what i needed, I promise i searched first!
So in conclusion to achive what i was after I added the following lines to /etc/rsylog.conf (below), moved the existing messages file to messages.old and restarted the rsyslogd (/etc/init.d/rsyslog restart)
...
RULES Log all kernel messages to the console. Logging much else clutters up the screen. kern.* /dev/console Log anything (except mail) of level info or higher. Don't log private authentication messages!$umask 0022 # change nemask for /var/log/messages *.info;mail.none;authpriv.none;cron.none /var/log/messages
The authpriv file has restricted access.$umask 0077 # set the umask back to 600 for all files below. authpriv.* /var/log/secure ...
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.