Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to force Confluence not to reset permissions of its config file?

Volodymyr Sobotovych
Volodymyr Sobotovych
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 9, 2017

I noticed that each time I restart Confluence 5.9.12, permissions on confluence.cfg.xml are reset:

$ ls -l /var/atlassian/application-data/confluence/confluence.cfg.xml
-rw------- 1 confluence confluence 2227 May  9 11:20 /var/atlassian/application-data/confluence/confluence.cfg.xml
$ bin/start-confluence.sh

To run Confluence in the foreground, start the server with start-confluence.sh -fg
executing as current user
If you encounter issues starting up Confluence, please see the Installation guide at http://confluence.atlassian.com/display/DOC/Confluence+Installation+Guide

Server startup logs are located in /opt/atlassian/confluence/logs/catalina.out
Using CATALINA_BASE:   /opt/atlassian/confluence
Using CATALINA_HOME:   /opt/atlassian/confluence
Using CATALINA_TMPDIR: /opt/atlassian/confluence/temp
Using JRE_HOME:        /opt/atlassian/confluence/jre/
Using CLASSPATH:       /opt/atlassian/confluence/bin/bootstrap.jar:/opt/atlassian/confluence/bin/tomcat-juli.jar
Using CATALINA_PID:    /opt/atlassian/confluence/work/catalina.pid
Tomcat started.
$ ls -l /var/atlassian/application-data/confluence/confluence.cfg.xml
-rw-rw-r-- 1 confluence confluence 2227 May  9 13:08 /var/atlassian/application-data/confluence/confluence.cfg.xml

Notice that the permission was reset from 600 to 664 above.

This introduces security risks since the file is readable by everyone and it might (and normally does) contain db credentials.

Is there a way to ask Confluence not to reset the premissions?

Answer
Watch
Like Be the first to like this
1355 views

2 answers

1 accepted

2 votes
Answer accepted
Branno
Branno
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 9, 2017

Technically, Confluence isn't changing the permissions on the existing file. It actually recreates confluence.cfg.xml at launch, this 'new' file will have whatever the default permissions are set in the umask settings you have.

You can confirm the file creation via 

getfileinfo confluence.cfg.xml

You could change the default permissions for the Linux user that is used to start Confluence. There is a deep-dive into setting this at What is Umask and How To Setup Default umask Under Linux?

If you just want to set is for specific directories you could instead use setfacl. This appears to be a good resource, Linux setfacl command

I didn't test really far back but 5.9.x and 6.1.x both exhibit this behavior.

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 9, 2017

That's strange, it doesn't do it on my installation.  There is code for it in "setup_user.sh", but it should only run once.

View More Comments
Volodymyr Sobotovych
Volodymyr Sobotovych
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 9, 2017

Which version of Confluence do you use?

In my case (Confluence 5.9.12) it does even more than that. It sorts the list of properties inside of the file.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.