Project

General

Profile

Bug #548

Toushirou: /etc/logrotate.d/ddns is ignored by logrotate

Added by Pierre-Louis Bonicoli about 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Normal
Category:
System :: Base
Start date:
2017-06-02
Due date:
% Done:

100%

Estimated time:
Patch Available:
Confirmed:
No
Branch:
Entity:
DuckCorp
Security:
Help Needed:

Description

/etc/logrotate.d/ddns is ignored by logrotate:

Ignoring ddns because the file owner is wrong (should be root).

History

#1

Updated by Pierre-Louis Bonicoli about 2 years ago

This is a new check added in 3.8.2. The check seems legit.

The whole /opt/ddns directory belongs to duck, we could either change the owner of /opt/ddns/conf/logrotate.d/ddns or move /opt/ddns/conf/logrotate.d/ddns in /etc/logrotate.d/ddns.

#2

Updated by Marc Dequènes about 2 years ago

  • Status changed from New to In Progress

We cannot move it, it's a dev git repo and this would just end-up removing it from the provided config examples by mistake. A symlink was used to ensure it keeps in sync.

Could the file's ownership be root:dc-admins or does it have to be root:root? (it seems the code allows it) We could also use POSIX ACLs.

Also I wonder if for collaborative purpose the selected solution should not be applied to the whole /opt directory.

#3

Updated by Pierre-Louis Bonicoli about 2 years ago

conf/logrotate.d/ddns is not part of the git repository, the whole conf directory is ignored. gid isn't checked, hence ownership for this file could be root:dc-admins. Using this ownership for the whole /opt/ddns tree is a good idea.

It would be better it a dedicated was used for the passenger process.

#4

Updated by Marc Dequènes about 2 years ago

Ho, I did not remember this. In this case we can move it.

I agree with a dedicated user. We just need proper ACLs to update the code as admins.

#5

Updated by Pierre-Louis Bonicoli about 2 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

File was moved using:

# rm /etc/logrotate.d/ddns && mv /opt/ddns/conf/logrotate.d/ddns /etc/logrotate.d/ddns
# chown root:root /etc/logrotate.d/ddns
# rm -r /opt/ddns/conf/logrotate.d/

Also available in: Atom PDF