New issue 1191 by sascha.l...@gisa.de: sample logrotate conf breaks with
=logrotate-3.8 and split-user
What software version are you running? Please provide the output of "gnt-
cluster --version", "gnt-cluster version", and "hspace --version".
# gnt-cluster --version
gnt-cluster (ganeti v2.13.3-464-g87146ae) 2.14.2
# gnt-cluster version
Software version: 2.14.2
Internode protocol: 2140000
Configuration format: 2140000
OS api version: 20
Export interface: 0
VCS version: (ganeti) version v2.13.3-464-g87146ae
# hspace --version
hspace (ganeti) version v2.13.3-464-g87146ae
compiled with ghc 7.8
running on linux x86_64
What distribution are you using?
# cat /etc/SuSE-release
SUSE Linux Enterprise Server 12 (x86_64)
VERSION = 12
PATCHLEVEL = 1
What steps will reproduce the problem?
1. run logrotation: logrotate -f /etc/logrotate.conf
I've upgraded from SLES11 to 12 (logrotate 3.7 -> 3.8) and noticed, that
logrotate-3.8 is a bit more paranoid then 3.7:
logrotate: error: skipping "/var/log/ganeti/commands.log" because parent
directory has insecure permissions (It's world writable or writable by
group which is not "root") Set "su" directive in config file to tell
logrotate which user/group should be used for rotation.
When ganeti is configured with split-user (--with-user-prefix=
--with-group-prefix=) the log directory has the following permissions/owner:
# ls -ald /var/log/ganeti/
drwxrwx--- 7 gnt-masterd gnt-daemons 4096 Oct 12 14:01 /var/log/ganeti/
Adding "su root gnt-daemons" to doc/examples/ganeti.logrotate solves the
problem for me. I think that every distro running logrotate >=3.8 and
ganeti with split-user is effected (i.e. ubuntu 16.04), but issue #631
complains about "unknown option 'su'" in ubuntu 12.04.
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at: