fix: edge-control: audit log silently never writes — file mode 0640 + group disinto-register denies the writer (#1109) #1112
1 changed files with 2 additions and 2 deletions
|
|
@ -181,7 +181,7 @@ chmod 0750 "$LOG_DIR"
|
||||||
|
|
||||||
# Touch the log file so it exists from day one
|
# Touch the log file so it exists from day one
|
||||||
touch "$LOG_FILE"
|
touch "$LOG_FILE"
|
||||||
chmod 0640 "$LOG_FILE"
|
chmod 0660 "$LOG_FILE"
|
||||||
chown root:disinto-register "$LOG_FILE"
|
chown root:disinto-register "$LOG_FILE"
|
||||||
|
|
||||||
# Install logrotate config (daily rotation, 30 days retention)
|
# Install logrotate config (daily rotation, 30 days retention)
|
||||||
|
|
@ -194,7 +194,7 @@ ${LOG_FILE} {
|
||||||
delaycompress
|
delaycompress
|
||||||
missingok
|
missingok
|
||||||
notifempty
|
notifempty
|
||||||
create 0640 root disinto-register
|
create 0660 root disinto-register
|
||||||
copytruncate
|
copytruncate
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue