Change the permissions logfiles are created by Bitbucket

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

You might be using a tool that needs read access to the log file atlassian-bitbucket.log.

For instance, it could be the case that the log file is currently being created with the following permission:

-rw-r----- 1 atlbitbucket atlbitbucket 7549127 Feb 19 14:52 atlassian-bitbucket.log

And it's needed for it to be created like:

-rw-r--r-- 1 atlbitbucket atlbitbucket 7549127 Feb 19 14:52 atlassian-bitbucket.log

Solution

The permissions of the files being created by the atlbitbucket user are defined by the umask this user has in your system. In the example above, you want to change from 0020 to 0022.

One option is to possibly overwrite the current umask by changing the following parameter in the _start-webapp.sh file:

#
# Uncommenting the following will set the umask for the Atlassian Bitbucket application. If can be used to override
# the default settings of the Bitbucket user is they are not sufficiently secure.
#
# umask 0027

However, that will change the permission for all the files this user creates.

Another alternative is to work with ACL for the <STASH_HOME>/log directory:

For example:

$ sudo setfacl -m d:o:r /var/atlassian/application-data/bitbucket/log

See explanation on:

A similar solution could be applied for different flavors of Linux.

Last modified on Jul 19, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.