[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
This is really annoying... the obvious fix is to revert the permissions and ownership of /var/log/ if possible. But... why was the group changed? Anyone know? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in logrotate package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
#8 is a good analysis... this change breaks manually running logrotate with a specific file as argument. It doesn't seem to affect automatic rotation due to the su line in /etc/logrotate.conf. Seems that making root:syslog the default for all logrotate scripts would fix this behavior, as would reverting ownership of /var/log to root:root. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in logrotate package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
I've went through this problem just now. The changes described in #5 solved the problem for me as well. The fix released in LP: #1258202 (logrotate version 3.8.6-1ubuntu2) adds those lines to the default logrotate.conf file, but I got some custom configs in mine and so I had to manually change it. Of course it only works when it reads logrotate.conf, which I guess is not the case when you run this way: logrotate -df /etc/logrotate.d/rsyslog Running either /etc/cron.daily/logrotate or "/usr/sbin/logrotate /etc/logrotate.conf" works fine. Maybe the config "su root syslog" should be the compile-time-default in Ubuntu so to avoid this situation. Don't know if it is possible. Also, from what I understand reading man logrotate.conf, the "su root syslog" line only changes the user/group that the process of rotation will run as, which does not (necessarily) affect the owner and group of the log files: that is defined by the "create" directive (see the logrotate.conf man for that directive). That's why you don't see any files with group syslog, Uwe. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in “logrotate” package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
@Vinny: I have /etc/logrotate.conf as of 2014-01-22 containing: # use the syslog group by default, since this is the owning group # of /var/log/syslog. su root syslog Yet according to `find / -user syslog' and `find / -group syslog', I have no files with owning group syslog, I have log files with owning user syslog. /var/log/syslog's owning user/group is as posted by Alex Dicianu. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in “logrotate” package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
Same problem here. Since I upgraded to Trusty Tahr syslog stopped rotating. $ /var/log# ls -la syslog* -rw-r- 1 syslog adm 35897990 Sep 24 14:10 syslog -rw-r- 1 syslog adm 3083621 Aug 19 06:36 syslog.1 -rw-r- 1 syslog adm37647 Aug 18 06:43 syslog.2.gz -rw-r- 1 syslog adm40009 Aug 17 06:42 syslog.3.gz -rw-r- 1 syslog adm60140 Aug 16 06:39 syslog.4.gz -rw-r- 1 syslog adm63035 Aug 15 06:38 syslog.5.gz -rw-r- 1 syslog adm59387 Aug 14 06:40 syslog.6.gz -rw-r- 1 syslog adm66224 Aug 13 06:30 syslog.7.gz -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in “logrotate” package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
I had the same experience when upgrading rsyslog [rsyslog:amd64 (7.4.4-1ubuntu2, 7.4.4-1ubuntu2.1)]. I manually added: # use the syslog group by default, since this is the owning group # of /var/log/syslog. su root syslog To top of the /etc/logrotate.conf, which resolved the problem. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in “logrotate” package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1278193] Re: logrotate skip the rotation of many files under /var/log due to bad group ownership
Yesterday I upgraded rsyslog from 7.4.4-1ubuntu2 to 7.4.4-1ubuntu2.1 on two machines (logrotate was already at 3.8.7-1ubuntu1), & both of them gave me loads of "insecure permissions" in this morning's anacron output. What is the workaround --- fixing the su lines in the logrotate.conf files, or changing the ownership of the /var/log directories & files? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to logrotate in Ubuntu. https://bugs.launchpad.net/bugs/1278193 Title: logrotate skip the rotation of many files under /var/log due to bad group ownership Status in “logrotate” package in Ubuntu: Confirmed Bug description: With the latest update to logrotate (3.8.7-1ubuntu1), the group ownership of /var/log was changed to "syslog" causing this kind of problem: # logrotate -df /etc/logrotate.d/rsyslog reading config file /etc/logrotate.d/rsyslog Handling 2 logs rotating pattern: /var/log/syslog forced from command line (7 rotations) empty log files are not rotated, old logs are removed considering log /var/log/syslog error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ... # ls -la /var/ | grep log drwxrwxr-x 17 root syslog 4096 Feb 9 10:58 log $ lsb_release -rd Description: Ubuntu Trusty Tahr (development branch) Release: 14.04 $ apt-cache policy logrotate logrotate: Installed: 3.8.7-1ubuntu1 Candidate: 3.8.7-1ubuntu1 Version table: *** 3.8.7-1ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: logrotate 3.8.7-1ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-8.27-generic 3.13.2 Uname: Linux 3.13.0-8-generic x86_64 ApportVersion: 2.13.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Sun Feb 9 17:19:41 2014 InstallationDate: Installed on 2014-01-26 (14 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) SourcePackage: logrotate UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp