Description

For EO compliance, InfoScale changed all its log files to have 600 permissions. 

File permissions for existing log files are changed during InfoScale upgrades to 8.0U1 or 8.0.2. 

Veritas Internal Incident:  e4155091  - Add a tunable to control log file permissions and honour the tunable


One_Line_Abstract:
Volume manager tunable to control log file permissions

Symptom:
Volume manager tunable to control log file permissions

Description:
With US President Executive Order (EO) 14028 compliance changes, all product log file permissions are changed to 600 by default
Introduced tunable  "log_file_permissions" to control the log file permissions to 600 (default), 640 or 644. 

The tunable can be changed at install time or any time with reboot.

Resolution:
Added the log_file_permissions tunable.

Tunable for InfoScale log file permissions

For VxVM, the "log_file_permissions" tunable is available to manage the log file permissions.
 

The default value (0) of the tunable should retain strict compliance with EO.

Users should be able to change the tunable value at installation/upgrade time as well as at any other time. 
 

Use the following command to set this tunable parameter:

# vxtune log_file_permissions


Table 1.0
 

# vxtune  | grep log_file_permission
log_file_permissions      0     0    Y        N

The tunable value for "log_file_permission" is set in the following file:

/etc/default/vxsf