Cybersecurity
DevOps Cloud
IT Operations Cloud
Summary
Change UMASK value to modify catalina.out log generation permissions in Identity Server
Products
Access Manager (NAM)
Environment
Access Manager 5
Situation
The customer tried the procedure of KB "Modify catalina.out log generation permissions" https://portal.microfocus.com/s/article/KM000018271, it works in AC but
in IDP after log rotation, "/var/opt/novell/nam/logs/idp/tomcat/catalina.out" was not granted "Read permissions for other users".
Resolution
Modify /etc/logrotate.d/novell-idp to replace copytruncate with create.
Backup catalina.out and delete previous catalina.out.
mv catalina.out catalina.out.bak
rm catalina.out
Restart the idp service.
systemctl restart novell-idp
Check the permissions of the Catalina.out file.
Check the permissions of the newly generated catalina.out after log rotation.
URL Name
KM000019727