file and directory permission to stream file

[jvrahav]

Folks,

can someone help me to understand what is the minimum set of permissions required on directory and file to read and stream the logs.

i want fluentbit to stream kubernetes audit logs in folder /var/log/audit

this directory is owned by k8s-admin user

fluentbit runs as root user in its pod.

The only permission that seems to work is

directory - 777
file - 644

Without these permissions, fluentbit logs have the following statements

[2025/09/09 11:08:54] [debug] [input:tail:audit_apiserver_tail] cannot read info from: /var/log/audit/kube-apiserver.log
[2025/09/09 11:08:54] [debug] [input:tail:audit_apiserver_tail] 0 new files found on path '/var/log/audit/kube-apiserver.log'
[2025/09/09 11:09:04] [debug] [input:tail:audit_apiserver_tail] scanning path /var/log/audit/kube-apiserver.log
[2025/09/09 11:09:04] [debug] [input:tail:audit_apiserver_tail] cannot read info from: /var/log/audit/kube-apiserver.log
[2025/09/09 11:09:04] [debug] [input:tail:audit_apiserver_tail] 0 new files found on path '/var/log/audit/kube-apiserver.log'

Thanks,
Rahav

[edsiper]

Just need read access to those files, you need to check if those files are available inside the pod when you created the volume