| Author |
Message
|
| Boomn4x4 |
 Posted: Wed Mar 26, 2014 7:37 am Post subject: Changing permission on "active" log directory |
 |
|
Disciple
Joined: 28 Nov 2011
Posts: 172
|
| I have a monitoring tool that I would like to keep an eye on the /var/opt/log/qmgr/active directory to make sure that it isn't filling up with logs for a queue manager with linear logging. The monitor runs via a non mqm user and the active directory has 770 permissions. Would there be any harm in modifying that directories permissions to 774 so that the monitor can check the disk usage for that directory? |
|
| Back to top |
|
 |
| exerk |
| Posted: Wed Mar 26, 2014 7:43 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
Generally speaking it is not a good idea to change the 'default' permissions on any MQ-related directory. Do not your UNIX Admins monitor file system usage already? Cannot your 'requirement' be added to their existing monitoring if so?
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Wed Mar 26, 2014 11:02 am Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9469
Location: US: west coast, almost. Otherwise, enroute.
|
| exerk wrote: |
| Generally speaking it is not a good idea to change the 'default' permissions on any MQ-related directory. |
Please allow me to toss in my US$0.02.
It is a worst-practice to change permissions set by the installation process. Doing so becomes a bad habit; which, in turn, leads to many self-inflicted problems.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| PGBuff |
| Posted: Wed Mar 26, 2014 11:59 am Post subject: |
|
|
Novice
Joined: 08 Nov 2013
Posts: 11
|
|
| Back to top |
|
|
| PeterPotkay |
| Posted: Wed Mar 26, 2014 1:10 pm Post subject: Re: Changing permission on "active" log directory |
|
|
Poobah
Joined: 15 May 2001
Posts: 7722
|
| Boomn4x4 wrote: |
| I have a monitoring tool that I would like to keep an eye on the /var/opt/log/qmgr/active directory... |
Interesting path...that's not a default location for MQ logs.
Anyway, why not just monitor a higher level to which 'world' does have read access?
| Code: |
>pwd
/var/mqm/log
>ls -l
total 4
drwxrwsr-x 3 mqm mqm 4096 Mar 20 13:35 PETERQM
>du -sh PETERQM
1.2G PETERQM
|
_________________
Peter Potkay
Keep Calm and MQ On |
|
| Back to top |
|
|
| shashivarungupta |
| Posted: Wed Mar 26, 2014 1:49 pm Post subject: Re: Changing permission on "active" log directory |
|
|
Grand Master
Joined: 24 Feb 2009
Posts: 1343
Location: Floating in space on a round rock.
|
| Boomn4x4 wrote: |
| ..on the /var/opt/log/qmgr/active directory.. |
as PeterPotkay has mentioned correctly, it is not the default location of the active logs of mq qmgr.,
in addition to that... in some of the scenarios and cases it is not necessary that it has to be set at default location but to a different mount point (custom to the client's environment).
But yes.. I agree.. it is an Interesting path. 
_________________
*Life will beat you down, you need to decide to fight back or leave it. |
|
| Back to top |
|
|
| zpat |
| Posted: Wed Mar 26, 2014 11:03 pm Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Adding read access to logs is no big deal in my view.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
| Back to top |
|
|
| exerk |
| Posted: Wed Mar 26, 2014 11:12 pm Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
| zpat wrote: |
| Adding read access to logs is no big deal in my view. |
But just what are you going to be reading in the /active directory? Or do you mean read access to the directory?
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| zpat |
| Posted: Thu Mar 27, 2014 12:37 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Whoops, I meant error logs... but yes, in the case of transactional logs access to the directory would be enough.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
| Back to top |
|
|
| tczielke |
| Posted: Tue Apr 08, 2014 6:14 pm Post subject: |
|
|
Guardian
Joined: 08 Jul 2010
Posts: 941
Location: Illinois, USA
|
| Based on the directory naming convention, the environment here sounds like Unix/Linux. One option is to leave the permissions as 770 for the /var/opt/log/qmgr/active directory, but set up a sudo rule so that the monitor id can run as mqm for running the du command on that directory. |
|
| Back to top |
|
|
|
|
