Mike McClain wrote: > I've a cron job run daily from /etc/crontab, Instead of using the BSD-style interface let me strongly encourage you to start using the newer Vixie-cron-style interface of /etc/cron.d/ where they can be separate and individual files. That way the file can be dropped into place on a new installation or removed when cleaning up. That is easier and cleaner than manually editing the /etc/crontab file and working around the existing entries. > the entry looks like this: > 0 2 * * * root [ -d /mc/bin ] && /mc/bin/daily; Okay. > /mc/bin/daily sets umask > umask 037 # save files rw owner, group read only > > then runs a script like so: > [ -e /mc/bin/secure ] && /mc/bin/secure 2>&1 | tee /root/sysstats/secure.log ; Okay. But why the extra ';' at the end? It feels like a dangling something that should have been edited out with some previous edit. > but the permissions on secure.log come out 600: > root@/deb60:~> ls -l sysstats/secure.log > -rw------- 1 root root 67832 Jul 18 02:01 sysstats/secure.log > > What do I need to do to make secure.log permissions come out 640? I cannot recreate this behavior. Works for me. If I set up an equivalent then I produce files with mode -rw-r-----. To debug this, I would trace the operation of your script. First add the printing of the current umask just before the 'tee'. Also ensure that the target of the tee command does not exist, since umask will only affect the creation of new files. umask 037 umask ls -ld /root/sysstats/secure.log [ -e /mc/bin/secure ] && /mc/bin/secure 2>&1 | tee /root/sysstats/secure.log I assume it is a #!/bin/sh script? If so then run it like this: sh -x /mc/bin/daily Then look at the trace and verify that umask is actually getting set. Seems like there is something happening that isn't known that is not what you expect to be happening. Bob
Attachment:
signature.asc
Description: Digital signature