Bug#784276: rotated log files are set executable
On Mon, Feb 08, 2016 at 06:12:27AM +, Jamie Heilman wrote: > chrysn wrote: > > please disable that behavior, make it optional and/or document why it is > > required. > > This is all based off daemontools' multilog ... > > https://cr.yp.to/daemontools/multilog.html > > ... which states: > > While multilog is running, current has mode 644. If multilog sees > the end of stdin, it writes current safely to disk, and sets the > mode of current to 744. When it restarts, it sets the mode of > current back to 644 and continues writing new lines. > > When multilog decides that current is big enough, it writes current > safely to disk, sets the mode of current to 744, and renames current > as an old log file. > > Thus it's effectively using the mode bits as flag to communicate the > state of the application, which while unusual, is harmless. Yes, and it's also documented in the svlogd(8) man page shipped with runit: [...] LOG FILE ROTATION svlogd appends selected log messages to the current log file. If current has size bytes or more (or there is a new-line within the last len of size bytes), or is older than a specified amount of time, current is rotated: svlogd closes current, changes permission of current to 0755, renames current to @timestamp.s, and starts with a new empty cur‐ rent. If svlogd sees num or more old log files in the log direc‐ [...] Please don't change this behavior. Regards, Gerrit.
Bug#784276: rotated log files are set executable
chrysn wrote: > please disable that behavior, make it optional and/or document why it is > required. This is all based off daemontools' multilog ... https://cr.yp.to/daemontools/multilog.html ... which states: While multilog is running, current has mode 644. If multilog sees the end of stdin, it writes current safely to disk, and sets the mode of current to 744. When it restarts, it sets the mode of current back to 644 and continues writing new lines. When multilog decides that current is big enough, it writes current safely to disk, sets the mode of current to 744, and renames current as an old log file. Thus it's effectively using the mode bits as flag to communicate the state of the application, which while unusual, is harmless. -- Jamie Heilman http://audible.transient.net/~jamie/
Bug#784276: rotated log files are set executable
Package: runit Version: 2.1.2-3 Severity: normal File: /usr/bin/svlogd svlogd, when rotating, sets the log files as executable. while this is documented in the man page, no reason is given, neither why one would tamper with file permissions at all (which would usually be configured by umask at creation time), nor why the files should be executable. files that are executable *and* have a non-self-evident file name are suitable to raise all kinds of red flags with users, especially in directories where no executable files are to be expected. please disable that behavior, make it optional and/or document why it is required. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages runit depends on: ii libc6 2.19-18 Versions of packages runit recommends: ii fgetty 0.6-5 Versions of packages runit suggests: pn socklog-run -- no debconf information -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom signature.asc Description: Digital signature
