AnsweredAssumed Answered

How to manage Siteminder Agent + Fed log permissions properly?

Question asked by EnricoBonato on Jul 7, 2016
Latest reply on Jul 8, 2016 by Mukund Kalidasa Mallar

We have an Apache "HTTPD-Tomcat" combo to run Federation services using the SM WebAgent + OptionPack

Each service (RHEL) runs with its own pair user:group = httpd:httpd | tomcat:tomcat

We have found the wa.log created by tomcat user (?) and thus httpdis unabl to write in it

Since log files are in /opc/CA/webagent/log (which owner is "httpd") how do I manage permissions to write logs properly?

We have "swinged" the groups, putting tomcat in httpd and viceversa, but it doesn't seem to address completely

At the start of HTTPD, wa.log is created with the httpd user and umask 022... How do I set the wa.log umask, btw?

Any suggestion is appreciated

 

Thank you

Outcomes