** Note that this is a public ticket, please refrain from adding any sensitive data. **

Description of Problem

[RFE] insights-client should provide an option to define desired permissions for the log file creation.

Customer:

We are having CIS check failure due to the below logs. The insights log permission need to have 640 permission. I did #chmod 640, but every time insights agent runs, it creates a new log file with 644 permission. How to change the permissions to 640 from configs permanently ?

~~~

1. ll /var/log/insights-client/

rw-rr-. 1 root root 166502 Oct 2 01:09 insights-client.log

rw-rr-. 1 root root 284320 Oct 2 01:09 insights-client.log.1

rw-rr-. 1 root root 30299 Oct 1 00:57 insights-client.log.2

rw-rr-. 1 root root 260523 Oct 1 00:57 insights-client.log.3

~~~

How reproducible

Always

Steps to Reproduce

1. [Step 1]- Insights insights-client
2. [Step 2]- Run any 'insights-client <options>' command.

1. [Step 3]-check the file permissions under /var/log/insights-client/

Actual Behavior

It does not honor umask settings as well.

Expected Behavior

Either it should honor #umask or there should be an dedicated option in the config file.

Business Impact / Additional info

CIS - 4.2.3 Ensure all logfiles have appropriate permissions and ownership. ABC (company) CIS restricts any log files in the /varlog/ should't have any read/write access by "others"