logrotate ownership problems
Adam Funk
a24061 at ducksburg.com
Tue Sep 9 08:02:06 UTC 2014
On 2014-09-09, Patrick Asselman wrote:
> On 2014-09-08 13:08, Adam Funk wrote:
>> A few days ago I upgraded rsyslog from 7.4.4-1ubuntu2 to
>> 7.4.4-1ubuntu2.1 on two machines running 14.04 (logrotate was already
>> at 3.8.7-1ubuntu1), & both of them are now giving me loads of
>> "insecure permissions" errors in this morning's anacron output.
>>
>> I found a bug report [1] from April 2014 for this problem associated
>> with the logrotate 3.8.7-1ubuntu1 package, but I've been using that
>> package for a while now & only seen the problem with this new rsyslog
>> update.
>>
>> What is the correct workaround for this --- adding su lines to the
>> logrotate.conf.d/* files, or changing the ownership of the /var/log
>> directories & files?
...
> I would tend to think you never need su lines in the config file,
> because you can already indicate which user:group and permissions you
> want logrotate to use. http://linuxconfig.org/logrotate
>
> What are the exact messages you are seeing?
/etc/cron.daily/logrotate:
error: skipping "/var/log/aptitude" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/checkbox.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/dpkg.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/alternatives.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/inspircd.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/jockey.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
etc. (more of the same for other logs)
Thanks,
Adam
More information about the ubuntu-users
mailing list