Restrict log permissions

[JAORMX]

While the current log directory permissions are restrictive and correct,
the file permissions are too permissive and it raises flags on
evaluations of the deployment. Let's instead change the permissions to
0600 which is more appropriate for these types of logs.

Note that while this is a superficial fix, it is also meant to address upgrades
(on an upgrade scenario, the permissions of old and rotated log files will be
fixed).

[JAORMX]

cc @stlaz

[stlaz]

/hold
This is weird. Why not fix it in the component itself?

[JAORMX]

/hold
This is weird. Why not fix it in the component itself?

In case of upgrades, this would fix the permissions of old logs too.

[stlaz]

/hold cancel
That's alright, then

[sttts]

This misses logs after log rotation.

[JAORMX]

@sttts logs after log rotation inherit the initial permissions (at least that's how the underlying library is supposed to work)

[JAORMX]

@sttts for reference, this attempts to fix the default in the underlying library natefinch/lumberjack#112
and this attempts to change the permissions in kube: kubernetes/kubernetes#95387

[sttts]

/lgtm
/approve

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JAORMX, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sttts]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment