| Re: [chrony-dev] logdir permissions |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
- To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-dev] logdir permissions
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Fri, 2 Oct 2020 08:49:25 +0200
- Authentication-results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mlichvar@xxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1601621370; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=3H4fpmkdanZs7WwtXMkTJIJb57uhvpCyI0/WcVKotbI=; b=btcQsaoci5k/I+ohaY/gyLnLdTirrB82dGhqGROi5tGUCBlvjNLQ0L25NPxriiSYRW/fTz ye7HnXxHQrtVglGWzwKIIZQeDdB6Kk3SdQ+Ho8UNI7fox77g4hXllfx1Ozh+xbmycUvENn 56bQFpNnYGP4lG3BwcdbLKu1KdmeggQ=
On Fri, Oct 02, 2020 at 01:49:06PM +1300, Bryan Christianson wrote:
>
> > On 2/10/2020, at 1:40 PM, Bill Unruh <unruh@xxxxxxxxxxxxxx> wrote:
> >
> > You could just override the default after chrony has been installed and the
> > logdirectory has been created?
>
> Thats what I'm doing at the moment. To automate it, I would need to parse the conf file to find the directory - chronyd already does that, so that seemed like a better place to make the change.
If the permissions were configurable, something would still need to
modify the config file, before chronyd runs for the first time, right?
And at that point that person or thing could just create that
directory for chronyd with whatever permissions are needed.
I wanted all directories created by chronyd to be 0750 to make it
consistent/predictable and minimize information leaks by default.
Admins and package maintainers can override that by creating the
directories.
--
Miroslav Lichvar
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.