logging.py: mutiple system users writing to same file getting permission errors.
Vinay Sajip
vinay_sajip at yahoo.co.uk
Fri Dec 7 15:46:26 EST 2007
On Dec 6, 6:35 pm, evenrik <even... at gmail.com> wrote:
> An a redhat box I have root, apache and other normal users run code
> that uses theloggingmodule to write to the same log file. Since
> umasks are set to 2 or 022 this gets permission errors.
>
> I have fixed my issue by patching theloggingcode everywhere there is
> an open for write with:
> try:
> old_umask = os.umask(0)
> # open for write here
> finally:
> os.umask(old_umask)
>
> Is there a better way to solve this issue?
> Are there any security problems with this solution other than the log
> file not being protected?
Multiple processes writing to the same log file may step on each
other's toes: logging contains thread synchronisation code but no
protection against multiple processes accessing the same resource. The
best solution would be to log from all processes to a SocketHandler,
and then have a socket receiver process write the logs to file. This
effectively serialises access to the log file. An example is given in
the logging docs, see
http://docs.python.org/lib/network-logging.html
Of course, you can have the receiver process run under a uid of your
choosing which has the appropriate permissions to write to the log
file.
Regards,
Vinay Sajip
More information about the Python-list
mailing list