# logrotate -f /etc/logrotate.conf
error: failed to rename /var/log/hoge/oyadama.log to /var/log/hoge/oyadama.log.1: Permission denied
error: error setting owner of /var/log/hoge/oyadama.log to uid 0 and gid 0: Operation not permitted
/var/log/hoge/oyadama.log
{
daily
rotate 99
missingok
compress
delaycompress
create 666
su www-data www-data
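}
Case where the log file's owner is not the specified user (here, not www-data)
Note: in this state the log is rotated, but there is a problem: the new file ends up with permission 600.
-rw------- 1 www-data www-data 0 Sep 20 11:13 oyadama.log
-rw-rw-rw- 1 root root 0 Sep 20 11:12 oyadama.log.1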
error: skipping "/var/log/hoge/oyadama.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
/var/log/hoge/oyadama.log
{
daily
rotate 99
missingok
compress
delaycompress
create 666 www-data www-data
}
Without a su directive, logrotate reports an error and the log is not rotated.
A sneaky workaround
/var/log/hoge/oyadama.log
{
daily
rotate 99
missingok
compress
delaycompress
prerotate
chmod 666 $1
chown www-data $1
endscript
create 0666 www-data www-data
su www-data www-data
}
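The two failure conditions shown above can be checked before logrotate runs. The shell function below is an added example, not part of the original page; `check_rotate_target` and its result strings are hypothetical names, and the owner-mismatch rule is an assumption inferred from the "error setting owner ... to uid 0 and gid 0" output on this page.

```shell
#!/bin/sh
# Added example (not from the original page): pre-flight check for the two
# logrotate failures shown above. Uses only POSIX find tests.
#
# check_rotate_target LOGFILE [SU_USER]
#   SU_USER empty means the stanza has no "su" directive.
#   Prints insecure-parent, owner-mismatch or ok; non-zero return on a finding.
check_rotate_target() {
    log=$1
    su_user=${2:-}
    dir=$(dirname "$log")

    # Condition quoted in logrotate's message: the parent directory is world
    # writable, or writable by a group other than root (gid 0).
    insecure=$(find "$dir" -prune \( -perm -0002 -o \
        \( -perm -0020 ! -gid 0 \) \) -print 2>/dev/null) || insecure=
    if [ -z "$su_user" ]; then
        # No "su": logrotate skips the log when the parent is insecure.
        if [ -n "$insecure" ]; then
            echo insecure-parent
            return 1
        fi
        echo ok
        return 0
    fi

    # Assumption from the page's output: with "su USER", a log owned by a
    # different user makes logrotate try to restore that owner and fail.
    owned=$(find "$log" -prune -user "$su_user" -print 2>/dev/null) || owned=
    if [ -z "$owned" ]; then
        echo owner-mismatch
        return 1
    fi
    echo ok
}

# Constructed demo in a scratch directory (not a real /var/log path).
demo=$(mktemp -d) && : > "$demo/oyadama.log" && chmod 777 "$demo"
check_rotate_target "$demo/oyadama.log" "" || true   # prints: insecure-parent
rm -rf "$demo"
```

When the result is owner-mismatch, changing the existing log's owner once to match the `su` user addresses the condition this check detects.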