logrotate failing to rotate, permission denied as root user


Turns out this was an SELinux issue: the file context was not one that logrotate had access to, so it was repeatedly getting denied access.

See here for this answer: SELinux fcontext
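
The diagnosis in the answer above, as an added example that is not part of the original answer: started from cron, logrotate runs confined in the `logrotate_t` domain, while a root shell is normally unconfined, which is why the manual run succeeds. The script extracts logrotate denials from audit records and prints the relabel commands; the audit lines are constructed, and `usr_t` as the current label and `var_log_t` as the target type are assumptions, since the post does not show either.

```shell
#!/bin/sh
# Added example, not from the original post. The audit records below are
# constructed; on a real host feed in /var/log/audit/audit.log or the
# output of: ausearch -m avc -c logrotate

sample_audit() {
cat <<'EOF'
type=AVC msg=audit(1506619802.101:4521): avc:  denied  { open } for  pid=2211 comm="logrotate" path="/opt/myapp/log/myapp.log" dev="dm-0" ino=1573 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1506619803.202:4522): avc:  denied  { read } for  pid=2300 comm="httpd" path="/srv/data/index.html" dev="dm-0" ino=88 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=file
type=SYSCALL msg=audit(1506619802.101:4521): arch=c000003e syscall=2 success=no exit=-13 comm="logrotate" exe="/usr/sbin/logrotate"
EOF
}

# Read audit records on stdin; print "path|target_type|permissions" for each
# AVC denial whose command is logrotate. Only records carrying path= match.
logrotate_denials() {
    grep 'avc: *denied' | grep 'comm="logrotate"' |
    sed -n 's/.*{ \([^}]*\) }.*path="\([^"]*\)".*tcontext=[^:]*:[^:]*:\([^:]*\):.*/\2|\3|\1/p'
}

# For each denied file not already labelled var_log_t (assumed target type),
# print the commands that add a persistent rule for its directory and relabel it.
suggest_fix() {
    logrotate_denials | while IFS='|' read -r path type perms; do
        [ "$type" = "var_log_t" ] && continue
        dir=$(dirname "$path")
        echo "# $path is $type; logrotate was denied { $perms }"
        echo "semanage fcontext -a -t var_log_t \"$dir(/.*)?\""
        echo "restorecon -Rv $dir"
    done
}

sample_audit | suggest_fix
```

`ls -Z /opt/myapp/log` shows the label before and after the relabel; the trailing `.` in the `ls -la` permissions in the question only indicates that an SELinux context is present, not which one.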


Author: Erich

Updated on September 18, 2022

Comments

  • Erich
    Erich over 1 year

    I'm having a problem that I cannot wrap my head around. I've set up logrotate on a CentOS 7 server to rotate my app logs.

    This file is in /etc/cron.daily (I even added a whoami to verify it's running as root):

    #!/bin/sh
    
    whoami
    
    /usr/sbin/logrotate -v /etc/logrotate.d/myapp
    EXITVALUE=$?
    if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
    fi
    exit 0
    

    This executes my logrotate config ...

    "/opt/myapp/log/*.log" {
      daily
      create 644 root root
      rotate 5
      size 20M
      copytruncate
      missingok
      notifempty
      compress
    }
    

    Here is my log directory...

    [root@server log]# ls -la
    total 97684
    drwxr-xr-x. 3 root root      4096 Sep 28 12:41 .
    drwxr-xr-x. 5 root root      4096 Sep 27 20:57 ..
    -rw-r--r--. 1 root root 100015457 Sep 28 12:36 myapp.log
    

    Every time we run it manually as root, it rotates the log... but when we run it through cron, it fails. Here is the mail it sends...

    From root@server  Thu Sep 28 12:30:02 2017
    Return-Path: <root@server>
    X-Original-To: root
    Delivered-To: root@server
    Received: by server (Postfix, from userid 0)
            id 9C82B419; Thu, 28 Sep 2017 12:30:02 -0500 (CDT)
    From: "(Cron Daemon)" <root@server>
    To: root@server
    Subject: Cron <root@server> run-parts /etc/cron.daily
    Content-Type: text/plain; charset=UTF-8
    Auto-Submitted: auto-generated
    Precedence: bulk
    X-Cron-Env: <XDG_SESSION_ID=10746>
    X-Cron-Env: <XDG_RUNTIME_DIR=/run/user/0>
    X-Cron-Env: <LANG=en_US.UTF-8>
    X-Cron-Env: <SHELL=/bin/bash>
    X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin>
    X-Cron-Env: <MAILTO=root>
    X-Cron-Env: <HOME=/root>
    X-Cron-Env: <LOGNAME=root>
    X-Cron-Env: <USER=root>
    Message-Id: <20170928173002.9C82B419@server>
    Date: Thu, 28 Sep 2017 12:30:01 -0500 (CDT)
    /etc/cron.daily/myapp:
    
    root <<<<<<<<< whoami output
    reading config file /etc/logrotate.d/myapp
    Handling 1 logs
    rotating pattern: /opt/myapp/log/*.log  20971520 bytes (5 rotations)
    empty log files are not rotated, old logs are removed
    considering log /opt/myapp/log/myapp.log
      log needs rotating
    rotating log /opt/myapp/log/myapp.log, log->rotateCount is 5
    error: error opening /opt/myapp/log/myapp.log: Permission denied
    set default create context
    

    Anyone ever encounter this or have any ideas what could be causing this?