How to make the permission settings on ASE’s errorlog less restrictive

Prior to ASE 15.7 SP100, ASE’s errorlog had default permission settings of  rw-r–r– (644).
Starting with ASE 15.7 SP100, SAP has applied a stricter security standard of rw-r—– (640).

This has caused problems with some third party tools that monitor the errorlog but have not been

set up to be part of the sybase group.

The OS UMASK setting can be used to enforce a more restrictive setting, but not a less restrictive one.

There are no configuration parameters you can change in ASE to make these permissions settings.

However, there is a workaround.  Less restrictive permission settings can be accomplished by having the
RUN_SERVER file execute in background a script that does  brief sleep and then a chmod on
the errorlog to the desired permissions.  This script execution would be put before the call to dataserver.
The sleep is to give dataserver enough time to have started up and applied SAP’s restrictive permission settings to the
errorlog.

Create a script file named “reset_errorlog_perms” with the following contents (substitute actual  desired permission setting and errorlog name)

—————-
sleep 5
chmod 644 errorlog.log
—————–

Set execute permissions on for the file (chmod 700 reset_errorlog_perms)

Modify the RUN_SERVER file so it calls reset_errorlog_perms in the background before calling dataserver.