I found one more packaging issue that becomes visible once the log directory permissions are corrected.
After changing `/var/log/jetty9` to the permissions required for rsyslog (`0770 jetty:adm`), the package's current logrotate configuration no longer works. Running: ```sh sudo logrotate -f /etc/logrotate.d/jetty9 ``` fails with: ``` error: skipping "/var/log/jetty9/jetty-console.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. ``` This is expected behaviour of logrotate. When the parent directory is writable by a non-root group, logrotate refuses to operate unless an explicit `su` directive is configured. After adding: ``` su jetty adm ``` to the logrotate configuration, rotation succeeds normally. Combined with the previously reported issue regarding: ``` create 640 jetty adm ``` (which should be `create 660 jetty adm` so that rsyslog can continue writing after rotation), the package's logrotate configuration also requires the appropriate `su` directive. In other words, if the package is fixed by making `/var/log/jetty9` writable by the `adm` group (which is necessary for rsyslog), the logrotate configuration must be updated accordingly as well. Otherwise log rotation will fail with the "parent directory has insecure permissions" error. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2158988 Title: jetty9: LogsDirectory ownership prevents rsyslog from creating jetty- console.log To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/jetty9/+bug/2158988/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
