webadmin-list

[webmin-l] Webmin fails to configure logrotate using existing permissions

[Joaquim H. <jo...@we...>]

A number of log files are set to:

         rotate 7
compress
postrotate
         service nginx restart
/usr/lib/php/php7.2-fpm-reopenlogs
endscript
sharedscripts
missingok
daily
delaycompress
         ifempty

In the webmin interface, it's set to use previous permissions, yet when 
the rotation has completed, the new logs are owned by root.root, etc ... ?

I've checked three times now and prior to rotation I've set the proper 
ownership.

Ubuntu 18.04.LTS.


-joho

Re: [webmin-l] Webmin fails to configure logrotate using existing permissions

[Jamie C. <jca...@we...>]

That seems like a logrotate bug? I'd expect it would be responsible for
putting back the right permissions.

On 15/Aug/2019 07:07 Joaquim Homrighausen <jo...@we...> wrote ..
> 
> A number of log files are set to:
> 
>          rotate 7
> compress
> postrotate
>          service nginx restart
> /usr/lib/php/php7.2-fpm-reopenlogs
> endscript
> sharedscripts
> missingok
> daily
> delaycompress
>          ifempty
> 
> In the webmin interface, it's set to use previous permissions, yet when 
> the rotation has completed, the new logs are owned by root.root, etc ... ?
> 
> I've checked three times now and prior to rotation I've set the proper 
> ownership.
> 
> Ubuntu 18.04.LTS.
> 
> 
> -joho
> 
> 
> 
> 
> 
> -
> Forwarded by the Webmin mailing list at web...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list

Re: [webmin-l] Webmin fails to configure logrotate using existing permissions

[Andrey R. <anr...@ya...>]

Greetings, Jamie Cameron!

> That seems like a logrotate bug? I'd expect it would be responsible for
> putting back the right permissions.

Depends, who is creating the logfile.
Either supply `nocreate` to logrotate config (then the program is responsible
for proper chmod/chown), or supply `create [mode] user group`, then logrotate
will create new files with proper rights after rotation.

See man logrotate.conf

> On 15/Aug/2019 07:07 Joaquim Homrighausen wrote ..
>> 
>> A number of log files are set to:
>> 
>>          rotate 7
>> compress
>> postrotate
>>          service nginx restart
>> /usr/lib/php/php7.2-fpm-reopenlogs
>> endscript
>> sharedscripts
>> missingok
>> daily
>> delaycompress
>>          ifempty
>> 
>> In the webmin interface, it's set to use previous permissions, yet when 
>> the rotation has completed, the new logs are owned by root.root, etc ... ?
>> 
>> I've checked three times now and prior to rotation I've set the proper 
>> ownership.
>> 
>> Ubuntu 18.04.LTS.


-- 
With best regards,
Andrey Repin
Monday, August 19, 2019 14:23:17

Sorry for my terrible english...

Re: [webmin-l] Webmin fails to configure logrotate using existing permissions

[Joaquim H. <jo...@we...>]

You may be right ... but the manpage (at least for me) shows this:

create mode owner group, create owner group

               Immediately  after rotation  (before the postrotate 
script is run) the log file is created (with the same name as
               the log file just rotated).  mode specifies the mode for 
the log file in octal (the same as chmod(2)), owner spec‐
               ifies  the  user name who will own the log file, and 
group specifies the group the log file will belong to. Any of
               the log file attributes may be omitted, in which case 
those attributes for the new file will use the  same  values
               as the original log file for the omitted attributes. This 
option can be disabled using the nocreate option.


And I don't see any "create" instruction in there. But maybe one of the 
other options imply "create"?


-joho



On 2019-08-19 02:15, Jamie Cameron wrote:
> That seems like a logrotate bug? I'd expect it would be responsible for
> putting back the right permissions.

Re: [webmin-l] Webmin fails to configure logrotate using existing permissions

[Andrey R. <anr...@ya...>]

Greetings, Joaquim Homrighausen!


> You may be right ... but the manpage (at least for me) shows this:

> create mode owner group, create owner group

>                Immediately  after rotation  (before the postrotate 
> script is run) the log file is created (with the same name as
>                the log file just rotated).  mode specifies the mode for 
> the log file in octal (the same as chmod(2)), owner spec‐
>                ifies  the  user name who will own the log file, and 
> group specifies the group the log file will belong to. Any of
>                the log file attributes may be omitted, in which case 
> those attributes for the new file will use the  same  values
>                as the original log file for the omitted attributes. This 
> option can be disabled using the nocreate option.


> And I don't see any "create" instruction in there. But maybe one of the 
> other options imply "create"?

I read the man page like "create" is default, and it creates files with
ownership/umask of a user running logrotate, unless something else specified.


-- 
With best regards,
Andrey Repin
Tuesday, August 20, 2019 12:52:24

Sorry for my terrible english...

Re: [webmin-l] Webmin fails to configure logrotate using existing permissions

[Joaquim H. <jo...@we...>]

You may be right. But this hasn't failed before ... that said, I'm not 
sure Webmin is to blame either, it was just a thought.