X-Sylpheed-Account-Id:1
S:andy.sharp@onstor.com
SCF:#mh/Mailbox/sent
X-Sylpheed-Sign:0
X-Sylpheed-Encrypt:0
X-Sylpheed-Privacy-System:
RMID:#imap/andys@onstor.net@onstor-exch02.onstor.net/INBOX	0	BB375AF679D4A34E9CA8DFA650E2B04E08D2A078@onstor-exch02.onstor.net
X-Sylpheed-End-Special-Headers: 1
Date: Tue, 11 Mar 2008 15:49:09 -0700
From: Andrew Sharp <andy.sharp@onstor.com>
To: "Kumar Vakacharla (HCL)" <kumarv@onstor.com>
Subject: Re: Defect  TED00021741 [Cougar] user with CLUSTER,SECURITY in
 clustesr priveleges cannot find or view elog messages
Message-ID: <20080311154909.73d22aa8@ripper.onstor.net>
References: <BB375AF679D4A34E9CA8DFA650E2B04E08D2A078@onstor-exch02.onstor.net>
Organization: Onstor
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Kumar, are you working on this?  I am guessing yes, since I think it is
assigned to you.

Anyway, I can think of one way to fix it which I will throw your
way. I have not coded it or tried to test it.

Add a file /etc/default/sysklogd-listfiles to the release.  that would
be <branch>/linux/rootfs/etc/default/sysklogd-listfiles
The file should contain the line

SYSKLOGD_LIST_EXCLUDE_FILES=/var/log/onstor


Then,

Change line 29 of file /etc/cron.weekly/sysklogd from

for LOG in `syslogd-listfiles --weekly`

to 

for LOG in `syslogd-listfiles $DONT_LIST --weekly`


Then add code after the three test lines at the beginning similar to
this:

if [ -r /etc/default/sysklogd-listfiles ] ; then
	. /etc/default/sysklogd-listfiles
fi

DONT_LIST=
if [ "$SYSKLOGD_LIST_EXCLUDE_FILES" ] ; then
	DONT_LIST="-s $SYSKLOGD_LIST_EXCLUDE_FILES"
fi


On Tue, 11 Mar 2008 14:52:43 -0700 "Kumar Vakacharla (HCL)"
<kumarv@onstor.com> wrote:

> Andy, 
> 
>  
> 
>       This problem is related to permissions of the elog messages
> file. 
> 
>       In cougar, "/var/log/onstor/messages" files are being created
> with permission 0x640 and as a result any users who logged into to
> the system with their local useraccount are ending up with the error
> "Permission Denied" when they try to execute "elog show " or "elog
> find" command.
> 
> Only root login can execute these commands. 
> 
>  
> 
> I have found that this is happening because of the savelog program
> which is responsible for rotating files. 
> 
>  
> 
> File: /etc/cron.daily/sysklogd
> 
>  
> 
>   savelog -g adm -m 640 -u root -c 7 $LOG >/dev/null
> 
>  
> 
> So the savelog program is creating new files with 0x640 permissions.
> 
>  
> 
>  
> 
> I think this problem should not be present now because you have
> changed log rotation mechanism in linux so that it uses logrotate.
> (change list :28107)
> 
> But in the latest submittals still I see that these files are getting
> created with 0x640 even though conf file says files should be created
> with 
> 
> 0x644. 
> 
>  
> 
> File: /etc/logrotate.d/onstor
> 
>  
> 
> /var/log/onstor/messages {
> 
>     size 60K
> 
>     rotate 5
> 
>     weekly
> 
>     compress
> 
>     delaycompress
> 
>     create 644 root root <-------------- 
> 
>     sharedscripts
> 
>     postrotate
> 
>         /usr/bin/killall -HUP syslogd
> 
>         /onstor/bin/emrscron -s elog0 &
> 
>     endscript
> 
> }
> 
>  
> 
> Please clarify me whether you have changed log rotation mechanism in
> cougar to use logrotate instead of default syslogd rotation  so that I
> can proceed further.
> 
>  
> 
> Please correct me if I am wrong. 
> 
>  
> 
> Thanks,
> 
> Kumar.
> 
>  
> 
>  
> 
> -----Original Message-----
> From: tim.gardner@onstor.com [mailto:tim.gardner@onstor.com] 
> Sent: Tuesday, March 11, 2008 12:17 AM
> To: Kumar Vakacharla (HCL); May Ma
> Cc: Sandrine Boulanger; Vikas Saini
> Subject: Defect TED00021741 [Cougar] user with CLUSTER,SECURITY in
> clustesr priveleges cannot find or view elog messages
> 
>  
> 
> id: TED00021741
> 
> Headline: [Cougar] user with CLUSTER,SECURITY in clustesr priveleges
> cannot find or view elog messages
> 
> State: Assigned
> 
> Submitter: maym
> 
> Severity: 2-Major
> 
> Note_Entry: 
> 
> Area_of_problem: SW-Privileges
> 
> Release_Project: Cougar
> 
>  
> 
>  
> 
