We have an Apache "HTTPD-Tomcat" combo to run Federation services using the SM WebAgent + OptionPack
Each service (RHEL) runs with its own pair user:group = httpd:httpd | tomcat:tomcat
We have found the wa.log created by tomcat user (?) and thus httpdis unabl to write in it
Since log files are in /opc/CA/webagent/log (which owner is "httpd") how do I manage permissions to write logs properly?
We have "swinged" the groups, putting tomcat in httpd and viceversa, but it doesn't seem to address completely
At the start of HTTPD, wa.log is created with the httpd user and umask 022... How do I set the wa.log umask, btw?
Any suggestion is appreciated
wa.log is for webagent functionality and the webagent code runs within tomcat. The httpd / apache runs outside tomcat memory space as a separate independent process.
The wa.log and federation logs would all be generated by Tomcat user because both WA and WAOP runs within Tomcat.
Either have a specific line for umask <newvalue> in your '.profile' [dot profile] for httpd user or include umask line in the apachectl script used to start the services. Multiple ways to set the umask value.
Online articles on "how to manage umask values on *nix platforms" would provide more insight.