Confluence logging and umask
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
I would like to use or I'm using umask on my server to set the default permissions on the file system for Confluence but the log files are being generated with a different set of permissions
Diagnosis
Environment
Confluence resides on a Linux server with a umask set with the user running Confluence
Diagnostic Steps
- Logs are being generated with a default set of permissions as the following:
-rw-r----- 1 confluen confluen 10.1M May 21 22:51 atlassian-confluence.log
-rw-r----- 1 confluen confluen 20.0M May 18 23:01 atlassian-confluence.log.1Cause
The process is governed by the Tomcat application server that runs Confluence application which uses a default umask of 0027.
Workaround
We can change this by specifying an environment variable named UMASK as expected by Tomcat to override the default value.
- Add the following line to setenv.sh file at <Confluence_INSTALL_LOCATION>/bin folder, at the end of the file:
export UMASK=0022- Restart Confluence to take effect.
- Please note that the value 0022 is just an example, change it accordingly to your needs.
Please note this setting applies to all files generated by the Confluence JVM (not the installation files, but newly created files like logs, dumps, temporary files, exports etc).