[olug] more chattr
Mike McNally
mmcnally3 at prodigy.net
Sun Sep 17 05:25:01 UTC 2000
archival log file.... not log file. And no I haven't yet figured out
how to set up the archival logs to be immutable. There's probably some
syslog.conf file where it could be done from. Here's the source of this
info:
http://www.softpanorama.org/Security/best_unix_security_papers.shtml
...and the info I am refurring to:
Secure log files
The immutable and append-only attributes are particularly effective
when used in combination with log files and log
backups. You should set active log files to append only. When the
logs are rotated, the backup log file created by the
rotation should be set to immutable, while the new active log file
becomes append only. This usually requires some
manipulation of your log rotation scripts.
mike
mesc wrote:
>
> I've read the chattr man page and one thing still confuses me,with the
> +i option it says no data can be written to it so how can that option
> be used on a log file?
>
> Confused,Gary Martin :)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: olug-unsubscribe at bstc.net
> For additional commands, e-mail: olug-help at bstc.net
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list