From owner-freebsd-questions@FreeBSD.ORG Thu Sep 21 10:02:35 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0293116A40F for ; Thu, 21 Sep 2006 10:02:35 +0000 (UTC) (envelope-from asanjuan@bolsabilbao.es) Received: from correo-1.bolsabilbao.es (correo-1.bolsabilbao.es [212.8.77.215]) by mx1.FreeBSD.org (Postfix) with ESMTP id 282B943D46 for ; Thu, 21 Sep 2006 10:02:33 +0000 (GMT) (envelope-from asanjuan@bolsabilbao.es) Received: from correo_6.bolsabilbao.es ([10.33.5.206]) by correo-1.bolsabilbao.es with Microsoft SMTPSVC(6.0.3790.1830); Thu, 21 Sep 2006 12:02:32 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Content-class: urn:content-classes:message X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757 Date: Thu, 21 Sep 2006 12:02:15 +0200 Message-ID: <8944F1E6DB931D4681FF94706234BF71E9E3@BB06.bolsabilbao.local> In-Reply-To: <20060921053436.00EA.GERARD@seibercom.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Default file creation permissions Thread-Index: AcbdYljoh56rlCqvSgOlR5wICnvKpQAAUMVA From: "Aitor San Juan" To: X-OriginalArrivalTime: 21 Sep 2006 10:02:32.0768 (UTC) FILETIME=[0E481C00:01C6DD65] Importance: normal Priority: normal X-ExchangeSecure-AntiSpam: valid(0) Subject: RE: Default file creation permissions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 10:02:35 -0000 Thanks for your reply, Gerard. As you can see, the log file is not created from within the shell = script. It's created as the redirection of the output, so your = suggestion implies modifying the shell script source code. That script = calls some other scripts too and imports other scripts which define some = predefined common functions with common behaviour among all the shell = scripts developed. This means that is this case the backup script is = called by CRON but there's also the possibility of invoking it manually = (for example in the need of a backup out of the normal scheduled time). = When invoked manually, the results are shown in the screen to the = user... You know, the script is not isolated, it's part of a bigger = infrastructure behinf the scene, hidden to some users which may invoke = batch script from within menus (with no command line access). I'd like to find another solution, having to modify the shell script in = the last resort. Thanks in advance. -----Mensaje original----- De: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]En nombre de Gerard Seibert Enviado el: jueves, 21 de septiembre de 2006 11:39 Para: freebsd-questions@freebsd.org Asunto: Re: Default file creation permissions Aitor San Juan wrote: > I have a shell script whose execution is scheduled by CRON. The > command scheduled is of the form: >=20 > 50 23 * * 1-5 /apps/batch/cronjobs/bd_backup.sh > > /apps/batch/logs/bd_backup.log 2>&1 >=20 > This shell script runs under the id of root. The file permissions of > the log file created are 644 (owner: root, group: wheel). I'd like = that > the file permissions of the log created be 600 (or 640 maximum). How > could I accomplish this? This is probably related to "umask", but I > don't dare changing anything in case that change could affect some > other security configuration as a side effect. >=20 > What would you recommend? I have a few shell scripts that are run from CRON also. To accomplish what you want, I have 'chmod' and 'chown' commands in the scripts. Perhaps you might be able to incorporate something like that into yours. --=20 Gerard ************ LEGEZKO OHARRA / AVISO LEGAL / LEGAL ADVICE *************=20 Mezu honek isilpeko informazioa gorde dezake, edo jabea duena, edota = legez babestuta dagoena. Zuri zuzendua ez bada, bidali duenari esan eta = ezabatu, inori berbidali edo gorde gabe, legeak debekatzen duelako = mezuak erabiltzea baimenik gabe.=20 -------------------------------------------------------------------------= - Este mensaje puede contener informaci=C3=B3n confidencial, en propiedad = o legalmente protegida. Si usted no es el destinatario, le rogamos lo = comunique al remitente y proceda a borrarlo, sin reenviarlo ni = conservarlo, ya que su uso no autorizado est=C3=A1 prohibido legalmente. -------------------------------------------------------------------------= - This message may contain confidential, proprietary or legally privileged = information. If you are not the intended recipient of this message, = please notify it to the sender and delete without resending or backing = it, as it is legally prohibited. *************************************************************************= *