Logging file's privileges always auto changed to 640?

Steps to reproduce

1.nano /var/www/html/config/config.php
‘log_type’ => ‘owncloud’,
‘logfile’ => ‘/var/log/owncloud.log’,
‘loglevel’ => 2,
‘log_rotate_size’ => 104857600,

2.[root@cos-01 config]# chmod 644 /var/log/owncloud.log
[root@cos-01 config]# ls -alh /var/log/owncloud.log
-rw-r–r-- 1 apache apache 92K Aug 10 08:42 /var/log/owncloud.log

3.login as admin
tail -f /var/log/owncloud.log
{“reqId”:“W2zr5vwKo1FSBB0xD@XxQAAAAAk”,“level”:3,“time”:“2018-08-10T09:35:35+08:00”,“remoteAddr”:"******",“user”:"–",“app”:“no app in context”,“method”:“POST”,“url”:"/index.php/login",“message”:“User backend OC\User\Database is returning home: /home/ocdata//admin for user: admin which differs from existing value: /var/www/html/data/admin”}

[root@cos-01 conf.d]# ls -alh /var/log/owncloud.log
-rw-r----- 1 apache apache 92K Aug 10 09:35 /var/log/owncloud.log

the privilege of the log file auto restore to 640,and the same if put the log file under ocdata folder

Expected behaviour

for this situation , my zabbix can’t access the log file of owncloud because the user zabbix has no permission to the log file, even adding group apache to user zabbix , the zabbix program shows no persmission to the file

Actual behaviour

Tell us what happens instead

Server configuration

Operating system:CentOS Linux release 7.5.1804 (Core)

Web server: Apache


PHP version: php 7

ownCloud version: (see ownCloud admin page) ownCloud 10.0.9

Updated from an older ownCloud or fresh install: updated from an older owncloud

Where did you install ownCloud from: owncloud.com

Signing status (ownCloud 9.0 and above): sorry for my poor english,what does this mean?

Login as admin user into your ownCloud and access 
paste the results into https://gist.github.com/ and puth the link here.

The content of config/config.php:

Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.


If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder

*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.

List of activated apps:

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.

Are you using external storage, if yes which one: local/smb/sftp/…

Are you using encryption: yes/no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…

LDAP configuration (delete this part if not used)

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';

Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration


Operating system:


Web server error log

Insert your webserver log here

ownCloud log (data/owncloud.log)

Insert your ownCloud log here

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log 
c) ...


i think it could make sense if you explain your current issue, the current behavior and the expected behavior in some more details rather then only within the topic title.

Hmm, asking for help, but pasting a completely empty issue template… you’re welcome!:-1: