31623 2015-12-15 04:57:26 +0300 Не ротируются логи с logrotate >= 3.9.1-alt1 2016-11-11 11:51:00 +0300 1 1 4 Development Sisyphus logrotate unstable all Linux CLOSED FIXED P3 normal --- 1 evg legion anton asy at cas crux ender enp force lakostis ldv legion mike misha mithraen pma rider shaba viy qa-sisyphus oldest_to_newest 154263 0 evg 2015-12-15 04:57:26 +0300 После обновления logrotate от cron.daily стали приходить такие письма: =8<================================================================= error: skipping "/var/log/nginx/access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/nginx/error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/nginx/nginx.error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. =8<================================================================= лог-файлы при этом не ротируются. 154264 1 ldv 2015-12-15 05:32:10 +0300 Ну написал бы уже кто-нибудь менее глючный logrotate! 154266 2 evg 2015-12-15 05:38:06 +0300 *** Bug 31622 has been marked as a duplicate of this bug. *** 154268 3 evg 2015-12-15 05:46:14 +0300 Ну весь мир с ним живёт. Мне как админу было бы менее неудобно, если бы поведение logrotate совпадало с мэйнтримом. Сейчас, например, приходится делать разные декларации logrotate для ALT и Debian. 154269 4 repository-robot 2015-12-15 05:59:27 +0300 logrotate-3.9.1-alt2 -> sisyphus: * Tue Dec 15 2015 Dmitry V. Levin <ldv@altlinux> 3.9.1-alt2 - Apply ALT Secure Packaging Policy (closes: #31623). 154321 5 evg 2015-12-17 05:49:12 +0300 logrotate-3.9.1-alt2. Про nginx ругань исчезла. Теперь приходит другая: =8<======================================================================= error: skipping "/var/log/uucp/Debug" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/uucp/Log" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/uucp/Stats" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/uucp/errors" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/uucp/info" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/uucp/warnings" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. =8<======================================================================= права/владелец /var/log/uucp из пакета syslog-common не менялся: =8<======================================================================= drwxr-x--- 2 uucp adm 4096 Mar 14 2012 uucp =8<======================================================================= 154322 6 ldv 2015-12-17 06:00:00 +0300 Права на /var/log/uucp/ не соответствуют требованиям ALT Secure Packaging Policy. Довольно давно уже не соответствуют: * Thu May 10 2001 Stanislav Ievlev <inger@altlinux.ru> 1.4.1-alt1 - Up to 1.4.1. - Added patch from Owl. - Fixed parent process killing bug. - Chowned /var/log/uucp to uucp user. 154323 7 evg 2015-12-17 07:17:12 +0300 К сожалению, без syslog-common (и соответственно без такой ругани) сейчас не обходятся postfix/openvpn/nut-server и, видимо, все реализации демона syslog. 154332 8 anton 2015-12-17 18:53:36 +0300 *** Bug 31638 has been marked as a duplicate of this bug. *** 159841 9 asy 2016-11-11 11:51:00 +0300 (In reply to comment #5) > error: skipping "/var/log/uucp/Debug" because parent directory has insecure > permissions (it's not owned by "root"); consider using "su" directive in config > file to tell logrotate which user/group should be used for rotation. Оставлю тут ссылку на Bug 31636 про uucp, чтобы искалось проще.