Permissions defined in /etc/rsyslog.conf are not getting applied on /var/log/boot.log

Root Cause

• In Red Hat Enterprise Linux 6 & 7, plymouth is the component responsible for recording those messages in /var/log/boot.log when the root filesystem becomes writeable. Red Hat Enterprise Linux 6 & 7 are based on a newer code base and will integrate the "Plymouth" boot infrastructure.

• The permissions 644 are the only mode /var/log/boot.log is created with and its not configurable.

        ply_logger_open_file (ply_logger_t    *logger,
                              const char      *filename,
                              bool             world_readable)
        {
          int fd;
          mode_t mode;

          assert (logger != NULL);
          assert (filename != NULL);

          if (world_readable)
            mode = 0644;
          else
            mode = 0600;

          fd = open (filename, PLY_LOGGER_OPEN_FLAGS, mode);

• Above function gets called as below:

           log_is_opened = ply_logger_open_file (session->logger, filename, true);
           if (log_is_opened)

and we can see that only "true" is always passed to word_readable which is going to make ply_logger_open_file() always open file with mode 0644.
File path "/var/log/boot.log" is constructed as given below:

             case PLY_MODE_BOOT:
               filename = PLYMOUTH_LOG_DIRECTORY "/boot.log";

    src/Makefile.in:307:           -DPLYMOUTH_LOG_DIRECTORY=\"$(localstatedir)/log\" 

    plymouth-0.8.3/INSTALL:32:./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var

• That's why the permission's of /var/log/boot.log will be changed to default 0644 after reboot.