Aitor San Juan wrote:
I have a shell script whose execution is scheduled by CRON. The
command scheduled is of the form:
50 23 * * 1-5 /apps/batch/cronjobs/bd_backup.sh >
/apps/batch/logs/bd_backup.log 2>&1
This shell script runs under the id of root. The file permissions of
the log file created are 644 (owner: root, group: wheel). I'd like that
the file permissions of the log created be 600 (or 640 maximum). How
could I accomplish this? This is probably related to "umask", but I
don't dare changing anything in case that change could affect some
other security configuration as a side effect.
What would you recommend?
One solution: write a simple wrapper shell script for this which:
a) creates the backup.log file, deleting any existing (> backup.log
would probably do)
b) changes the permissions to the ones you want with chmod, chgrps
etc. etc.
c) runs /apps/batch/cronjobs/bd_backup.sh >>
/apps/batch/logs/bd_backup.log 2>&1
I.e. appends output to the file you just blanked.
Two solution: Always use >> in your cron job, then set up the
backup.log to be rotated through newsyslog which can set the permissions
correctly. You probably need to create a balnk file with the correct
permission once to seed the the process or use newsyslog -C. See the
man page for more info.
Solution one is easier, solution two also gets you a more permanent
record of how the command ran, rather than losing it every day.
--Alex
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
