Bug 1276484

+++ This bug was initially created as a clone of Bug #1256735 +++

Description of problem: krb5kdc.log file is world-readable

Version-Release number of selected component (if applicable):

[root@ipaserver log]# rpm -qa | grep ipa-server
ipa-server-4.2.0-5.el7.x86_64
ipa-server-trust-ad-4.2.0-5.el7.x86_64
ipa-server-dns-4.2.0-5.el7.x86_64
krb5-server-1.13.2-8.el7.x86_64

How reproducible:Always


Steps to Reproduce:
1. Login to IPA server.
2. Navigate to /var/log directory
3. Check the permission of the krb5kdc.log

Actual results: krb5kdc.log file is world-readable.

-rw-------. 1 root   root          25381 Aug 25 15:42 kadmind.log
-rw-r--r--. 1 root   root        1396050 Aug 25 16:30 krb5kdc.log


Expected results: krb5kdc.log shouldn't be world-readable unless needed and also keeping permissions 0600 to be consistent with other kerberos log files.