On Dec 6, 6:35 pm, evenrik <[EMAIL PROTECTED]> wrote: > An a redhat box I have root, apache and other normal users run code > that uses theloggingmodule to write to the same log file. Since > umasks are set to 2 or 022 this gets permission errors. > > I have fixed my issue by patching theloggingcode everywhere there is > an open for write with: > try: > old_umask = os.umask(0) > # open for write here > finally: > os.umask(old_umask) > > Is there a better way to solve this issue? > Are there any security problems with this solution other than the log > file not being protected?
Multiple processes writing to the same log file may step on each other's toes: logging contains thread synchronisation code but no protection against multiple processes accessing the same resource. The best solution would be to log from all processes to a SocketHandler, and then have a socket receiver process write the logs to file. This effectively serialises access to the log file. An example is given in the logging docs, see http://docs.python.org/lib/network-logging.html Of course, you can have the receiver process run under a uid of your choosing which has the appropriate permissions to write to the log file. Regards, Vinay Sajip -- http://mail.python.org/mailman/listinfo/python-list
