logrotate ownership problems
Patrick Asselman
iceblink at seti.nl
Tue Sep 9 08:57:50 UTC 2014
On 2014-09-09 10:22, Colin Law wrote:
> On 9 September 2014 09:02, Adam Funk <a24061 at ducksburg.com> wrote:
>> On 2014-09-09, Patrick Asselman wrote:
>>
>>> On 2014-09-08 13:08, Adam Funk wrote:
>>>> A few days ago I upgraded rsyslog from 7.4.4-1ubuntu2 to
>>>> 7.4.4-1ubuntu2.1 on two machines running 14.04 (logrotate was
>>>> already
>>>> at 3.8.7-1ubuntu1), & both of them are now giving me loads of
>>>> "insecure permissions" errors in this morning's anacron output.
>>>>
>>>> I found a bug report [1] from April 2014 for this problem
>>>> associated
>>>> with the logrotate 3.8.7-1ubuntu1 package, but I've been using
>>>> that
>>>> package for a while now & only seen the problem with this new
>>>> rsyslog
>>>> update.
>>>>
>>>> What is the correct workaround for this --- adding su lines to the
>>>> logrotate.conf.d/* files, or changing the ownership of the
>>>> /var/log
>>>> directories & files?
>> ...
>>> I would tend to think you never need su lines in the config file,
>>> because you can already indicate which user:group and permissions
>>> you
>>> want logrotate to use. http://linuxconfig.org/logrotate
>>>
>>> What are the exact messages you are seeing?
>>
>>
>> /etc/cron.daily/logrotate:
>> error: skipping "/var/log/aptitude" because parent directory has
>> insecure permissions (It's world writable or writable by group which
>> is not "root") Set "su" directive in config file to tell logrotate
>> which user/group should be used for rotation.
>
> What permissions have you got on /var/log? Mine is owned by root,
> group syslog, writable by those, readable by others.
>
> Colin
And what does your /etc/logrotate.conf look like?
It should have a "su root syslog" line apparently,
https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193
Best regards,
Patrick Asselman
More information about the ubuntu-users
mailing list