[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] changing group on /var/log/messages



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hi!

David Bear schrieb:
> suse makes the group owner of /var/log/messages root. I was
> wondering what might break if I changed the group owner to be
> wheel. I would like members of wheel to be able to read
> /var/log/messages without having to sudo .
In this case you have to change some stuff, because:

- - logrotate rotates logs and switches rights back to what syslog is
configured to ...
- - rights settings in SuSE with Yast will reset everything as well
- - SuSEconfig will do the same

You may have to change:

/etc/permissions
/etc/logrotate.conf
/etc/logrotate/logrotate.d/*

... some additional stuff and maybe rights settings as well (640
instead of 600 for some files depending on your desires) ...

Use logcheck or whatever scripts you desire instead for getting your
reports via mail to local host for further investigations. Other
option is to run xterm with messages-output via syslog as autostarter
within whatever window-system you desire (as you have all in group
wheel you might have x installed).

Regards

Philippe

P.S.: Hint: /var/log/messages has filerights 644, so you needn't sudo
to read them unless you did a paranoid or whatever security policy
with you SuSE box.

P.P.S.: All users are group wheel ... is this necessary?

- --
Diese Nachricht ist digital signiert und enthält weder Siegel noch
Unterschrift!

Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt
gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az:
16 O 201/98). Jede kommerzielle Nutzung der übermittelten
persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich
untersagt!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: GnuPT 2.7.2
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iQD1AwUBRASv8kNg1DRVIGjBAQLn3gb/T2OKRaqaQT7hHL85w4KiNkxADspT/1Cl
6hzjD85diGWoXwCuTvkOQNw1SiZgdsBjc5uTstmZXhK5B3Z/mMLVkqC8MZdISvim
/LVgX7IjM8wm6Chhqxx3n3b/c2MM+7V9sXfLdQ3LEKYL3ueqPTtfG7ZqNROoIDkQ
sz+qI71I5A3qERPCon5u9NMsYXkJGGnVF6u374s8GXF59SklIOenarS7TgyioAjs
Lyts9Qi6T4nnsKwepM2ZH+y6XtOijPWSQEc7xV5MWOKb6nFeIpW2vLv+WsoEMECX
uEixgi4KAyo=
=LUjD
-----END PGP SIGNATURE-----


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here