logrotate wants to know which user/group should be used for rotation because by default it's world writable or writable by group which is not "root".
/etc/cron.daily/logrotate:
error: skipping "/var/log/mail/mail.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/mail/rspamd.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
run-parts: /etc/cron.daily/logrotate exited with return code 1
Raising this issue here because the mount is at https://github.com/docker-mailserver/docker-mailserver-helm/blob/master/charts/docker-mailserver/templates/deployment.yaml#L263-L267
Logrotate config is at https://github.com/docker-mailserver/docker-mailserver/blob/1a938dfb15e94f43f1af5ddaf7b8276aba92a825/target/scripts/startup/setup.d/log.sh#L13-L38
Current mount definition
root@mail-docker-mailserver-5ff8b6b7c-7brm4:/var/log# ls -la
total 216
drwxr-xr-x 1 root root 4096 Sep 29 06:48 .
drwxr-xr-x 1 root root 4096 Sep 28 21:29 ..
-rw-r--r-- 1 root root 4297 May 29 00:30 alternatives.log
drwxr-xr-x 1 root root 4096 May 29 00:30 apt
-rw-r----- 1 root adm 1027 Sep 29 09:17 auth.log
-rw-r----- 1 root adm 3985 Sep 29 06:48 auth.log.1
-rw-rw---- 1 root utmp 0 May 13 00:00 btmp
-rw-r----- 1 root adm 429 Sep 29 09:17 cron.log
-rw-r----- 1 root adm 2123 Sep 29 06:48 cron.log.1
drwxr-xr-x 2 root root 4096 May 29 00:29 dbconfig-common
-rw-r--r-- 1 root root 141271 Jun 5 15:16 dpkg.log
lrwxrwxrwx 1 root root 26 Jun 5 15:16 fail2ban.log -> /var/log/mail/fail2ban.log
-rw-r--r-- 1 root root 0 May 13 00:00 faillog
-rw-rw-r-- 1 root utmp 0 May 13 00:00 lastlog
drwxrwxrwx 2 syslog root 4096 Sep 27 19:41 mail # <<<--------- mounted as syslog root
lrwxrwxrwx 1 root root 22 Jun 5 15:16 mail.log -> /var/log/mail/mail.log
drwxr-s--- 2 redis adm 4096 May 29 00:30 redis
drwxr-x--- 2 _rspamd _rspamd 4096 Feb 26 2024 rspamd
drwxr-xr-x 1 root root 4096 Sep 28 21:29 supervisor
-rw-r----- 1 root adm 741 Sep 29 09:17 syslog
-rw-r----- 1 root adm 2306 Sep 29 06:48 syslog.1
-rw-r----- 1 root adm 116 Sep 29 06:48 user.log
-rw-rw-r-- 1 root utmp 0 May 13 00:00 wtmp
Two potential solutions:
- adjust permissions of the mountpoint
- provide suggested config to logrotate
logrotate wants to know which user/group should be used for rotation because by default it's world writable or writable by group which is not "root".
Raising this issue here because the mount is at https://github.com/docker-mailserver/docker-mailserver-helm/blob/master/charts/docker-mailserver/templates/deployment.yaml#L263-L267
Logrotate config is at https://github.com/docker-mailserver/docker-mailserver/blob/1a938dfb15e94f43f1af5ddaf7b8276aba92a825/target/scripts/startup/setup.d/log.sh#L13-L38
Current mount definition
Two potential solutions: