logrotate fails to rotate logs: error setting owner

permissions users groups logrotate

16,241

You can try using logrotates create directive to set the permissions of the newly created log file. To use it you

/home/logs/*.log {
    rotate 7
    daily
    create 0777 user1 user1
    ^^^^^^^^^^^^^^^^^^^^^^
    copytruncate
    compress
    notifempty
 }

From man logrotate

 create mode owner group, create owner group
Immediately after rotation (before the postrotate script is run) the log file is created (with the same name as the log file just rotated). mode specifies the mode for the log file in octal (the same as chmod(2)), owner specifies the user name who will own the log file, and group specifies the group the log file will belong to. Any of the log file attributes may be omitted, in which case those attributes for the new file will use the same values as the original log file for the omitted attributes. This option can be disabled using the nocreate option.

16,241

hdf

linux/unix noob

Updated on September 18, 2022

Comments

hdf over 1 year
Recently I've noticed that logrotate does not rotate my logs.

user1@host:~$ /usr/sbin/logrotate /home/user1/logrotate.conf -v gives me an error:
```
error: error setting owner of /home/logs/mylog.log.1 to uid 10111 and gid 10111: 
Operation not permitted
error: error creating output file /var/lib/logrotate/status.tmp:
Permission denied
```
That gid confuses me, as user1 is only a member of a group with different gid:
```
user1@host:~$ id
uid=10111(user1) gid=1001(mygroup) groups=1001(mygroup)
```
However, there's another group called user1, but, as I mentioned, actual user user1 is not its member:
```
user1@host:~$ cat /etc/group | grep user1
user1:x:10111
```
It's something simple here, but I can't see it.

UPDATE: here's what logrotate.conf looks like:

/home/logs/*.log { rotate 7 daily copytruncate compress notifempty }

user1@host:~$ ls -al /home/logs/ -rw-r--r-- 1 user1 mygroup 190826983 Dec 18 06:05 mylog.log
- Admin over 8 years
  
  does running sudo logrotate -v /home/user1/logrotate.conf work for you?
- Admin over 8 years
  
  can you please update your question by pasting the output of these commands cat /home/user1/logrotate.conf and also ls -al <log file to be rotated> (then format that code by highlighting and clicking the {} button)
- Admin over 8 years
  
  are you showing us the usernames and pathnames etc -as they actually are - or are you changing them before you paste? they don't seem to match ...
- Admin over 8 years
  
  @the_velour_fog yeah, my bad. should be ok now.
hdf over 8 years

but what this user1 group has to do with all this stuff?
Michael Butler over 3 years

Quick note here, create should not be used together with copytruncate -- "When this option is used, the create option will have no effect, as the old log file stays in place."