logrotate ownership problems

Colin Law clanlaw at gmail.com
Tue Sep 9 08:22:12 UTC 2014


On 9 September 2014 09:02, Adam Funk <a24061 at ducksburg.com> wrote:
> On 2014-09-09, Patrick Asselman wrote:
>
>> On 2014-09-08 13:08, Adam Funk wrote:
>>> A few days ago I upgraded rsyslog from 7.4.4-1ubuntu2 to
>>> 7.4.4-1ubuntu2.1 on two machines running 14.04 (logrotate was already
>>> at 3.8.7-1ubuntu1), & both of them are now giving me loads of
>>> "insecure permissions" errors in this morning's anacron output.
>>>
>>> I found a bug report [1] from April 2014 for this problem associated
>>> with the logrotate 3.8.7-1ubuntu1 package, but I've been using that
>>> package for a while now & only seen the problem with this new rsyslog
>>> update.
>>>
>>> What is the correct workaround for this --- adding su lines to the
>>> logrotate.conf.d/* files, or changing the ownership of the /var/log
>>> directories & files?
> ...
>> I would tend to think you never need su lines in the config file,
>> because you can already indicate which user:group and permissions you
>> want logrotate to use. http://linuxconfig.org/logrotate
>>
>> What are the exact messages you are seeing?
>
>
> /etc/cron.daily/logrotate:
> error: skipping "/var/log/aptitude" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

What permissions have you got on /var/log? Mine is owned by root,
group syslog, writable by those, readable by others.

Colin




More information about the ubuntu-users mailing list