Re: [NV-L] NetView File Permissions
2007-08-23 09:05:17
The stuff in /usr/OV/tmp can be deleted, but there is no way I know of to control what permissions are used on the files created there. When you restart the ITSL2_netmon.tmp file for example will get re-created with the same permissions you have now. It should have no effect if you change them from rw-rw-rw- to something more restrictive.
Ditto with the log files. You can ovstop the daemons and chmod 644 everything in the directory and restart. No big deal. But if you remove a log file which is currently created as rw-rw-rw- then it will get re-created that way when the daemon restarts. I don't know of any way to control that.
James Shanks
Level 3 Support for Tivoli NetView for UNIX and Windows
Network Availability Management
Network Management - Development
Tivoli Software, IBM Corp
ss cc <steph_cornish AT yahoo DOT com>
ss cc <steph_cornish AT yahoo DOT com>
Sent by: nv-l-bounces AT lists.ca.ibm DOT com
08/22/2007 03:04 PM
Please respond to
Tivoli NetView Discussions <nv-l AT lists.ca.ibm DOT com> |
|
|
All,
Once a year IA (Information Assurance) will scan our UNIX based NetView servers and this year files in the following NetView directories were sited with wide file permissions:
/usr/OV/tmp
/usr/OV/log
/usr/OV/www/logs
/usr/OV/www/webapps
Attached are some of the files in the above directories. Can someone tell me if I can scale back some of the permissions without harming NetView?
TIA,
Stephanie
Luggage? GPS? Comic books?
Check out fitting gifts for grads at Yahoo! Search.mcusquannv02# pwd
/usr/OV/tmp
mcusquannv02# ls -lt
total 32
-rwxrwxrwx 1 <user> <group> 233 Aug 21 14:52 colors
-rwxrwxrwx 1 root other 25 Aug 21 14:40 explore_26673
-rw-r--r-- 1 root root 4413 Aug 21 14:39 netnmrc.ovstart
-rwxrwxrwx 1 <user> <group> 25 Aug 21 11:38 explore_16006
-rwxrwxrwx 1 <user> <group> 25 Aug 21 11:36 explore_9302
-rwxrwxrwx 1 root other 26 Aug 21 11:23 explore_16063
-rw-rw-rw- 1 root other 0 Aug 19 23:15 ITSL2_netmon.tmp
prw--w--w- 1 <user> <group> 0 Jun 14 23:51 demand.17506
-rw------- 1 root root 196 Jan 30 2007 updatelrf.startlist
-rw------- 1 root root 196 Jan 30 2007 updatelrf.startlist.unorder
-rw-rw-rw- 1 root root 0 Dec 11 2006 ITSL2_new_db.tmp
drwxrwxrwx 2 root root 512 Aug 14 2006 NetSPtkt
mcusquannv02#
/usr/OV/log
drwxrwxrwx 3 bin bin 2048 Aug 21 14:47 /usr/OV/log
-rw-rw-rw- 1 root other 632489 Aug 21 14:40 /usr/OV/log/netview_root.log
-rw-rw-rw- 1 root other 495584 Aug 21 14:46 /usr/OV/log/nettl.LOG00
-rw-rw-rw- 1 root other 4071421 Aug 21 14:47 /usr/OV/log/netmon.trace
-rw-rw-rw- 1 root other 45225 Aug 21 14:18 /usr/OV/log/servmon.log
-rw-rw-rw- 1 root other 8743936 Aug 21 14:46 /usr/OV/log/netmon.trace.old
-rw-rw-rw- 1 root other 5575 Apr 30 13:26 /usr/OV/log/nvsbc.log
-rw-rw-rw- 1 jsmith <group> 2728216 Jul 6 21:59 /usr/OV/log/netview_jsmith.log
-rw-rw-rw- 1 root other 512120 Aug 20 10:36 /usr/OV/log/nettl.LOG01
-rw-rw-rw- 1 root other 512113 Aug 16 23:53 /usr/OV/log/servmon.log.1
-rw-rw-rw- 1 jsmith2 <group> 6500782 Aug 18 21:59 /usr/OV/log/netview_jsmith2.log
-rw-rw-rw- 1 root other 512081 Jul 7 22:34 /usr/OV/log/servmon.log.2
-rw-rw-rw- 1 root other 0 Aug 15 00:00 /usr/OV/www/logs/2007_08_15.request.log
-rw-rw-rw- 1 root other 0 Aug 16 00:00 /usr/OV/www/logs/2007_08_16.request.log
-rw-rw-rw- 1 root other 0 Aug 17 00:00 /usr/OV/www/logs/2007_08_17.request.log
-rw-rw-rw- 1 root other 0 Aug 18 00:00 /usr/OV/www/logs/2007_08_18.request.log
-rw-rw-rw- 1 root other 0 Aug 19 00:00 /usr/OV/www/logs/2007_08_19.request.log
-rw-rw-rw- 1 root other 507 Apr 5 16:09 /usr/OV/www/webapps/netview/properties/<user>.properties
-rw-rw-rw- 1 root other 505 Aug 9 15:48 /usr/OV/www/webapps/netview/properties/<user2>.properties
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to internal IBM'ers only)
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to
internal IBM'ers only)
|
|
|