Security :: Umask For Cron And Other Log Files?
Mar 16, 2011
Does anyone have a solution for cron file permissions. I need them to be automatically generated 640, right not I believe they are 0644. Could I add a umask varible to the syslog.conf file to set the umask for cron generated files? Or is there a better way to do this. I am speaking only of logs generated by root.
View 1 Replies
ADVERTISEMENT
Apr 3, 2009
I have several directories, each owned by root and a group of the same name,By setting the sgid bit, I made sure that newly created files and directories are owned by the correct group, and that directories have the sgid bit set too.On each newly created directory or file, the permissions are set to 755. This is because this is the default umask, and I cannot change a users umask. I actually only want files created below a particular directory to have group write access, inheriting this behaviour to newly created directories properly.I'm not on samba or NFS, I have to do this for SSH users.The filesystem is ext3.I started to fool around with ACLs, but couldn't find what I was looking for.
View 3 Replies
View Related
Mar 5, 2010
I want to set permissions to a folder as rwx-r-x-r-x in such a way that whenever a new file or folder is created under it, it will automatically inherit the parent folders default permissions.So,what I need to do know, do I have to change the umask value??
View 5 Replies
View Related
Mar 16, 2011
My Debian system has by default umask permissions of 0022, which I never liked. One user can read all the files of another seems very insecure to me.
I am planing to set it to 007, so that user and group have rw but all others have none.
Are there any side effects to that? I have noticed from a trial I did where I was changing permissions on the filesystem that some system stuff in the OS does not work anymore, if "others" have no read permission anymore, so that is why I am asking.
And why are chmod / umask permissions sometimes stated as 4 digits? What is this "all" group in the end? Isn't that already covered by "others"?
View 1 Replies
View Related
Feb 4, 2010
Recently I was going through some chmod manipulations and found the umask values to be 0002 by default in Fedora 11 distro. What I knew about the default values to be 022. I don't know whether this is a kernel modification in this distro or my system is in compromise(I doubt for the latter option, but not confirmed).
View 4 Replies
View Related
Oct 28, 2009
I have ext3 partition mounted on /mnt/shared/ as follows
Code:
Permissions above are of the actual mounted fs.
Goal is to have all files created on the fs
1) to belong to group 'users'
2) to have this groups permissions set to rw (rwx for directories) so that all users who belong to group 'users' have full read/write access to data and everyone else to have only read access.
Now because of setgid bit (s) in group permissions every file created has group 'users' and additionally setgid bit is set for directories. Because every users umask by default (on my system) is set to 0022 all created files will have permissions 644 for ordinary files and 755 for directories.
Net result of above means that users A and B who both belong to group 'users' won't be able to modify files created by the other.
So how can I make files created on the fs to be created always with umask 0002 WITHOUT changing default umask for users that is used elsewhere (like in their home directory) ?
View 1 Replies
View Related
Jan 7, 2011
To create a daemon, you need to execute these 2 lines (among others):Code: init log
umask 0 What do each of these do?I didn't find anything on the 1st line. (The queries returned mostly "the log of the init (process)".)Google cast some light on the 2nd line: By setting the umask to 0, we will have full access to the files generated by the daemon. Even if you aren't planning on using any files, it is a good idea to set the umask here anyway, just in case you will be accessing files on the filesystem.
View 2 Replies
View Related
Apr 25, 2011
Not sure if this is the right place to ask this question. In Solaris we have umask (shell builtin) and /usr/bin/umask. However I could not find /usr/bin/umask in Linux.
I want to know the difference between both and how can we achieve the functionality of /usr/bin/umask in Linux as its not there...
View 6 Replies
View Related
Jun 4, 2010
Where to find this CRON job ?
edit....
i found it at syslog, CRON schedule check for php5:-
Quote ...
but i still don't understand , why / what schedule it to check php5 ? how to off it ?
View 3 Replies
View Related
Jan 5, 2011
I have a script that crond runs each night. The script pulls some sensitive files from an SFTP server and stores them in a folder on the local machine.I need to encrypt those files on the filesystem. Ideally, I could encrypt the folder they're stored in to require a password whenever the files are accessed. The problem is that then crond wouldn't be able to access the files. Using something like ecryptfs would allow the cron script to mount the encrypted storage by supplying the password, but now the keys to the kingdom are just sitting in a cron shell script.
Is there a good way to approach this? One thought I had was finding a tool that lets cron encrypt the files using a public key, then require a password to decrypt them (silently using the password to access the related private key)I don't want too much complexity on the decryption side, because I will have relatively non-tech people needing to access those files occasionally.
View 6 Replies
View Related
Jan 25, 2010
Take a peek at this:
Code:
Jan 23 20:15:01 localhost CRON[22629]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 23 20:15:01 localhost CRON[22629]: pam_unix(cron:session): session closed for user root
[code]....
View 3 Replies
View Related
Nov 27, 2010
In my windows machine I have some txt files. I want run a script or command daily to get those file to my linux box using cron job.
Windows (192.168.1.5)
d:
ecords est.txt
to
Linux (192.168.1.
/data
I want to run that script in my linux box every day at 10.30 AM using cron job to get those files from windows to linux.
View 1 Replies
View Related
Oct 12, 2009
how to create cron file and how to run them?
View 2 Replies
View Related
Sep 29, 2009
I have a php script in cron directory that generates 5 textfiles, after the files are generated, I want to create a script that will move the 5 text fiels to anoher folder name "web".
View 2 Replies
View Related
Apr 21, 2010
OS: zLinux, SuSE Linux Enterprise Server 10
I want to copy files from one server to other servers via cron job.
All servers are part of a network.
Here is the copy command I will use:
This script is in our test server.
We need to copy files to other environment via cron job.
View 12 Replies
View Related
Feb 27, 2011
I have a Cent OS dedicated server, not sure what version though as I'm new to Linux. How do I find out what version I have? Is there an anti virus or security package that I can install on my server which can use Cron Jobs to do a scan every 12 hours.
View 7 Replies
View Related
Jun 28, 2010
in my linux box i have lot of cron jobs. i need to make all cron jobs in script files. is it possible to make this. like[URL]Now how i change this in a script file
View 4 Replies
View Related
Jun 28, 2010
I would like to create a cronjob that will delete all files within a directory 1 hours after it is created to the folderI found this cron find /path/to/file/* -ctime +1 -exec rm {} ; but it's deleted all files.I want to make an exception, all file should be deleted except one file (letsay file a.zip)
View 16 Replies
View Related
Jan 4, 2011
A user will be ftping some files to an upload directory. I need to move those files to another directory. I also need to mail a list of the just moved files to the user. This job will need to run every 10 minutes. I need to keep a log that holds all the files for the day that were moved, renaming it with the date/timestamp.I have this below but I just can't put it all together. a workable script out of this?
#!/bin/bash
# test.shl
source="/u03/upload/"
[code]...
View 5 Replies
View Related
Jul 1, 2010
I made a Bash script that is fired by a Cron job every morning. It dumps an SVN backup on some Samba shared drive. I would like to know how I can make sure the job worked correctly without having to verify the shared drive every morning. Right now, I take the job's output, save it to a log file and send this file by email. But the ouput isn't so great.
[Code]....
View 2 Replies
View Related
Aug 14, 2011
I would like to backup important files (totaling about 400GB) on my ext 4 RAID 5 array to an ext4 external hard drive over USB (external drive is mounted to /mnt. In the future I'd like to automate the process using rsync and cron so for now I'm using rsync to transfer the files. My problem is that using the rsync command like this: # rsync -Pr "/dir1" "/dir2" "/dir3" "/dir4" /mnt
rsync shows me the checks and transfers for awhile and then throws up an i/o error (wish I had a screenshot to show but I don't). When I ls /mnt I get a similar i/o error. I then check /dev for the drive and find that it no longer shows up. Originally the partition was /dev/sdc1. I tried unplugging the USB at this point, plugging it back in and mounting the drive back to /mnt, however it has now assigned it to (you guessed it) /dev/sdd1. I get the drive mounted and try the original rsync command again, hoping the first error was a fluke or some kind of one-time drive fart. This time it makes it quite a bit further and then throws up the exact same problem. Am I doing something terribly wrong here? As I said, I'm very new to bash so I'm not making some absolutely moronic, newbie mistake.
View 9 Replies
View Related
Apr 29, 2011
Can anyone tell me how i change the default domain name for cron?everything i cron runs it emails from and to user@com.com
this leaves me with a massive list of failed mails in postfix.i have mailto on my main crontab but i cant do it on all of them.
View 1 Replies
View Related
Jan 29, 2011
I have added some executable scripts to /etc/cron.daily but don't get the stdout/stderr output from them as mail (or anywhere else I have found). At least one of them is running (because I can see that it has added a file to the disk).
The peculiar thing is that I do get the output from /etc/cron.daily/0logwatch (part of the logwatch package) as an email each day.
The MAILTO line in /etc/crontab is "MAILTO=root" (unchanged from default). Same for /etc/anacrontab.
I do have an alias at the end of /etc/aliases which redirects root's mail to my own account, but this alias works fine for mail I send manually. (It also appears to work fine for the output from the file /etc/cron.daily/0logwatch.)
View 3 Replies
View Related
Feb 25, 2010
It seems that cron is not upgrading my Ubuntu 8.04 LTS Server, no GUI installed. I changed /etc/crontab and watched apt running:
Code:
ps -A | grep apt
showed it for a long time,
Code:
sudo tcpdump tcp
showed communication with canonical sites,
but:
Code:
top
did not show any apt using CPU
[code].....
View 2 Replies
View Related
Sep 19, 2010
I put in my cron entries to run my backup script which rsyncs my data to my 2nd drive, however on a hunch I checked my backup drive which mounts automatically via fstab and I realize it had not ran in a while. I checked cron and there were no entries for it. I got to wondering if I should ever be worried about a cron update coming down and over-writing my existing cron file with the backup entries in it to run.
View 2 Replies
View Related
Feb 16, 2010
I have set up a cron in /var/spool/cron/root
*/15 * * * * /usr/bin/phplist.sh
I can see in /var/log/cron that it is running every 15 minutes but it has no effect. It is not doing the commands in the bash script.
If I run /usr/bin/phplist.sh right in the shell it works great.
View 3 Replies
View Related
Feb 9, 2011
Is my vixie-cron broken? i have "0-59 * * * * root /usr/sbin/logrotate /etc/logrotate.conf" but it is not running in /etc/cron.d.
Code:
View 2 Replies
View Related
Jun 7, 2011
I have logged in with root user
My systems Umask value was 0022.
Code:
So i decided to change it to 0077 and observe the system for some time. so i edited /etc/profile and added
Code:
at the end of file
rebooted the machine.
But the umask is still showing as 0022
After the first attempt is failed I tried changing it using below command.
Code:
Validated it.
Code:
rebooted the machine but the umask is still showing 0022
So at last i have to modify /etc/bashrc file and add umask 077 at the end of the file.
How would i make it in general for all(Even for non-root user) and not just for bash prompt.
View 4 Replies
View Related
Oct 27, 2010
after installing openSuSE 11.3 i was thinking a bit about security. I read, it's a good idea to set umask of users to 077 . I'm unsure now, where to do this, cause there are different locations offered in the web:
/etc/login.defs
$HOME/.profile
/etc/profile - umask would be valid for root too.
And for my understanding:
- Is it wise to set root to umask 077 too or could this lead to negative effects on my system.
- Is it even senseless to umask the normal user to 077 if there is just one desktop-user using my system (myself ).
View 9 Replies
View Related
Jan 15, 2010
I am attempting to modify the default umask value under all accounts on my linux system to 002. This will hopefully allow both the account and the account's group access to the created files.
I have modified it within /etc/bashrc, however it seems to be making no difference on this default value. The files I create through "File Browser" all have the access rights set to 600.
Is there any error here, as all evidence I can find on the internet points to the bashrc file.
View 1 Replies
View Related