Bug #548
closed
Toushirou: /etc/logrotate.d/ddns is ignored by logrotate
100%
Description
/etc/logrotate.d/ddns is ignored by logrotate:
Ignoring ddns because the file owner is wrong (should be root).
Updated by Pierre-Louis Bonicoli almost 7 years ago
This is a new check added in 3.8.2. The check seems legit.
The whole /opt/ddns directory belongs to duck, we could either change the owner of /opt/ddns/conf/logrotate.d/ddns or move /opt/ddns/conf/logrotate.d/ddns in /etc/logrotate.d/ddns.
Updated by Marc Dequènes almost 7 years ago
- Status changed from New to In Progress
We cannot move it, it's a dev git repo and this would just end-up removing it from the provided config examples by mistake. A symlink was used to ensure it keeps in sync.
Could the file's ownership be root:dc-admins or does it have to be root:root? (it seems the code allows it) We could also use POSIX ACLs.
Also I wonder if for collaborative purpose the selected solution should not be applied to the whole /opt directory.
Updated by Pierre-Louis Bonicoli almost 7 years ago
conf/logrotate.d/ddns is not part of the git repository, the whole conf directory is ignored. gid isn't checked, hence ownership for this file could be root:dc-admins. Using this ownership for the whole /opt/ddns tree is a good idea.
It would be better it a dedicated was used for the passenger process.
Updated by Marc Dequènes almost 7 years ago
Ho, I did not remember this. In this case we can move it.
I agree with a dedicated user. We just need proper ACLs to update the code as admins.
Updated by Pierre-Louis Bonicoli almost 7 years ago
- Status changed from In Progress to Resolved
- % Done changed from 0 to 100
File was moved using:
# rm /etc/logrotate.d/ddns && mv /opt/ddns/conf/logrotate.d/ddns /etc/logrotate.d/ddns # chown root:root /etc/logrotate.d/ddns # rm -r /opt/ddns/conf/logrotate.d/