Pmlogger is creating world-readable log files in /var/log/pcp/pmlogger

Solution Verified - Updated -

Issue

  • pcp component pmlogger is creating world-readable log files in /var/log/pcp/pmlogger.
  • Security vulnerability scanners (notable CIS Benchmark assessor tool, and possibly Rapid7), are calling out these files, asserting that they should have NO world access, read or otherwise.
  • Expecting that OS distribution products would comply with CIS standards.
  • What is the way to configure pmlogger to change the mode in which it creates said logs; if there is a way, we would be glad to know of it, if there is not a way, would like to see this corrected.
  • cockpit-pcp will not display historic performance metrics from pmlogger

Environment

  • Red Hat Enterprise Linux (RHEL) 7, 8 and 9
  • pcp
  • pmlogger

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content