Confluence logging and umask

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Problem

I would like to use or I'm using umask on my server to set the default permissions on the file system for Confluence but the log files are being generated with a different set of permissions

Diagnosis

Environment

Confluence resides on a Linux server with a umask set with the user running Confluence

Diagnostic Steps

Logs are being generated with a default set of permissions as the following:

1
2

-rw-r----- 1 confluen confluen 10.1M May 21 22:51 atlassian-confluence.log
-rw-r----- 1 confluen confluen 20.0M May 18 23:01 atlassian-confluence.log.1

Cause

The process is governed by the Tomcat application server that runs Confluence application which uses a default umask of 0027.

Solution

Workaround

We can change this by specifying an environment variable named UMASK as expected by Tomcat to override the default value.

Add the following line to setenv.sh file at <Confluence_INSTALL_LOCATION>/bin folder, at the end of the file:

export UMASK=0022

Restart Confluence to take effect.
Please note that the value 0022 is just an example, change it accordingly to your needs.

Please note this setting applies to all files generated by the Confluence JVM (not the installation files, but newly created files like logs, dumps, temporary files, exports etc).

Updated on April 2, 2025

Was this helpful?

It wasn't accurateIt wasn't clearIt wasn't relevant

Atlassian Support