/var/log/wtmp Permissions - logrotate
/var/log/utmp and /var/log/wtmp have their permissions and groups set in at least two places on RedHat 5.4:
1. /etc/logrotate.conf sets the permissions and ownership to 664 root utmp.
2. /etc/rc.d/rc.sysinit sets the permissions and ownership of /var/run/utmp and /var/log/wtmp to 0664 root:utmp respectively.
I believe these files have utmp ownership so they can be modified by /usr/libexec/utempter/utempter, which has permissions 2711, i.e. -rwx--s--x. That SGID bit allows all users to act as if they belong to utmp. Hence, unless you chmod 0711 /usr/libexec/utempter/utempter, ALL users belong to the utmp group as far as utempter is concerned.
It's my understanding that utempter allows certain utilities, e.g. screen and X Windows utilities, to update the last login information stored in wtmp.
Not a definitive answer, but I hope this helps anyone who happens to stumble across this.
Last edited by lqrobert; 10-05-2011 at 03:21 PM.
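An added example, not part of the original post: a small audit script that reads the `create` directive for /var/log/wtmp from logrotate configuration text, compares the on-disk mode and ownership of the two files against it, and reports whether utempter carries the SGID bit. The stanza in `SAMPLE_CONF` is constructed for illustration, the function names are hypothetical, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Constructed sample of the wtmp stanza (not copied from a live system).
SAMPLE_CONF='/var/log/wtmp {
    monthly
    create 0664 root utmp
    rotate 1
}'

# Print "mode owner group" from the create directive of the stanza for
# path $1; logrotate config text is read from stdin.
logrotate_create() {
    awk -v path="$1" '
        $1 == path && $NF == "{"    { in_stanza = 1; next }
        in_stanza && $1 == "}"      { in_stanza = 0 }
        in_stanza && $1 == "create" { print $2, $3, $4; exit }'
}

# True when octal mode $1 has the setgid bit (02000) set, e.g. 2711.
has_setgid() { [ $(( 0$1 & 02000 )) -ne 0 ]; }

# True when octal modes $1 and $2 are equal ("0664" vs "664").
same_mode() { [ $(( 0$1 )) -eq $(( 0$2 )) ]; }

# Compare a file on disk with "mode owner group" in $2; print any drift.
# Uses GNU stat; missing files are reported and skipped.
audit_path() {
    [ -e "$1" ] || { echo "SKIP  $1 (not present)"; return 0; }
    set -- "$1" $2 $(stat -c '%a %U %G' "$1")
    if same_mode "$2" "$5" && [ "$3:$4" = "$6:$7" ]; then
        echo "OK    $1 $5 $6:$7"
    else
        echo "DRIFT $1 is $5 $6:$7, expected $2 $3:$4"; return 1
    fi
}

want=$(printf '%s\n' "$SAMPLE_CONF" | logrotate_create /var/log/wtmp)
for f in /var/log/wtmp /var/run/utmp; do
    audit_path "$f" "$want" || true
done
# Report whether utempter still carries the SGID bit discussed in the post.
u=/usr/libexec/utempter/utempter
if [ -e "$u" ] && has_setgid "$(stat -c '%a' "$u")"; then
    echo "NOTE  $u is setgid"
fi
```

To check a real system, pipe /etc/logrotate.conf into `logrotate_create /var/log/wtmp` in place of `SAMPLE_CONF`.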