24

We have several developers who maintain the system and I want them to easily read the log files in /var/log/httpd without needing root access. I set the read permission for 'other' users but when I run tail on the log files I get permission denied:

[root@ourserver httpd]# chmod -R go+r /var/log/httpd
[root@ourserver httpd]# ls -la
drwxr--r--  13 root root 4096 Oct 25 03:31 .
drwxr-xr-x.  6 root root 4096 Oct 20 03:24 ..
drwxr-xr-x   2 root root 4096 Oct 20 03:24 oursite.com
drwxr-xr-x   2 root root 4096 Oct 20 03:24 oursite2.com
-rw-r--r--   1 root root    0 May  7 03:46 access_log
-rw-r--r--   1 root root 3446 Oct 24 22:05 error_log

[me@ourserver ~]$ tail -f /var/log/httpd/oursite.com/error.log
tail: cannot open `/var/log/httpd/oursite/error.log' for reading: Permission denied

Maybe I'm missing something on how permissions work but I'm not finding any easy answers on it.

user2344668
  • 361
  • 1
  • 2
  • 5
  • 2
    I researched several articles trying to find a solution to this based on the error (including Apache's documentation); that's the only reason I posted here. I don't know why this got down-voted. Do I have to post which websites I researched? Based on the answer it just looked like there was something about Linux I didn't quite understand but this particular attribute was not mentioned in the articles I read. – user2344668 Oct 25 '13 at 22:20
  • 1
    `[me@ourserver ~]$ tail -f /var/log/httpd/oursite.com/error.log` <--- So what are the permissions on **`/var/log/httpd/oursite.com/error.log`** -- this would be ***EXTREMELY RELEVANT***. (Also note [Joshua's answer below](http://serverfault.com/a/548544/32986)) – voretaq7 Oct 29 '13 at 16:09
  • 8
    @voretaq7 and others - It's ridiculous that a question like this gets down-voted and closed. - Let's get this straight: You're supposed to *know the answer* in order to ask the question properly? I see. As a C++ and PHP programmer who needs to provide non-root access to these logs to others, I suppose I ... should be ashamed of myself for not knowing how to make this possible? I'll go hang my head in a corner now. Actually, it says the question is not about professional system administration. I see - so as a PHP programmer managing my client's system, I'm a ... phony. Thanks! – Dan Nissenbaum Feb 16 '14 at 16:56
  • 3
    Stackoverflow and friends suck. The closing and downvoting Nazis are ruining it. – Lothar May 29 '16 at 05:24
  • 2
    This seems to be kind of a harsh close vote, imo. If this is OT for ServerFault, where should people go to find an answer? In any case, the answer that was given before it was closed is still helpful thanks to Google. – Evan Donovan Dec 05 '16 at 21:37

1 Answers1

26

Directories (like /var/log/httpd) require both read and execute permissions in order to be traversed. So when you add "r" to the directory, it only allows the world to see the contents, but not to enter into it and continue into other directories.

Try chmod -R go+rX /var/log/httpd

effhaa
  • 133
  • 1
  • 7
Joshua Miller
  • 1,378
  • 2
  • 11
  • 14
  • 2
    Just one note here in the command you don't need the -R switch, because you are updating the directory and not files. Just to share that... The command would be: `chmod go+rX /var/log/httpd` – Matija Jul 22 '16 at 08:45