Bug #2820
closed
logrotate doesn't seem to work on SuSE
Description
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
# logrotate -v /etc/logrotate.d/rudder
reading config file /etc/logrotate.d/rudder
reading config info for /var/log/rudder/apache2/*.log
error: /etc/logrotate.d/rudder:8 unknown group 'adm'
error: found error in /var/log/rudder/apache2/*.log , skipping
removing last 1 log configs
error: /etc/logrotate.d/rudder:11 lines must begin with a keyword or a filename (possibly in double quotes)
error: /etc/logrotate.d/rudder:12 unknown option 'if' -- ignoring line
error: /etc/logrotate.d/rudder:12 unexpected text
error: /etc/logrotate.d/rudder:13 unknown option 'invoke' -- ignoring line
error: /etc/logrotate.d/rudder:13 unexpected text
error: /etc/logrotate.d/rudder:14 unknown option 'else' -- ignoring line
error: /etc/logrotate.d/rudder:15 duplicate log entry for fi
error: found error in /etc/init.d/apache2 reload > /dev/null
fi
fi
endscript
}
/var/log/rudder/ldap/slapd.log , skipping
removing last 1 log configs
reading config info for /var/log/rudder/reports/*.log
error: /etc/logrotate.d/rudder:32 unknown group 'adm'
error: found error in /var/log/rudder/reports/*.log , skipping
removing last 1 log configs
Handling 3 logs
rotating pattern: /var/log/rudder/apache2/*.log after 1 days (30 rotations)
empty log files are not rotated, old logs are removed
considering log /var/log/rudder/apache2/access.log
log does not need rotating
considering log /var/log/rudder/apache2/error.log
log does not need rotating
rotating pattern: /etc/init.d/apache2 reload > /dev/null
fi
fi
endscript
}
/var/log/rudder/ldap/slapd.log 1048576 bytes (no old logs will be kept)
empty log files are rotated, old logs are removed
considering log /etc/init.d/apache2
log does not need rotating
considering log reload
error: stat of reload failed: Aucun fichier ou dossier de ce type
considering log >
error: stat of > failed: Aucun fichier ou dossier de ce type
considering log /dev/null
log does not need rotating
considering log fi
error: stat of fi failed: Aucun fichier ou dossier de ce type
rotating pattern: /var/log/rudder/reports/*.log after 1 days (30 rotations)
empty log files are not rotated, old logs are removed
considering log /var/log/rudder/reports/all.log
log does not need rotating
considering log /var/log/rudder/reports/extLinuxReport.log
log does not need rotating
considering log /var/log/rudder/reports/extWinReport.log
log does not need rotating
considering log /var/log/rudder/reports/linuxlog.log
log does not need rotating
considering log /var/log/rudder/reports/winlog.log
log does not need rotating
Two reasons:
- 'adm' group doesn't exit on SuSE
- sharedscript part seems to not be correctly parsed
Updated by Nicolas PERRON over 11 years ago
Nicolas PERRON wrote:
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
[...]
Two reasons:
- 'adm' group doesn't exit on SuSE
(cf http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.1):
adm: Group adm is used for system monitoring tasks. Members of this group can read many log files in /var/log, and can use xconsole. Historically, /var/log was /usr/adm (and later /var/adm), thus the name of the group.
adm is an history group which doesn't exist in SLES. We should not use it.
Maybe 'root' should be use instead ?
- sharedscript part seems to not be correctly parsed
This is an issue already fixed here: #2379
It should not happen anymore.
Updated by Nicolas PERRON over 11 years ago
Nicolas PERRON wrote:
Nicolas PERRON wrote:
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
[...]
Two reasons:
- 'adm' group doesn't exit on SuSE
(cf http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.1):
adm: Group adm is used for system monitoring tasks. Members of this group can read many log files in /var/log, and can use xconsole. Historically, /var/log was /usr/adm (and later /var/adm), thus the name of the group.adm is an history group which doesn't exist in SLES. We should not use it.
Maybe 'root' should be use instead ?
- sharedscript part seems to not be correctly parsed
This is an issue already fixed here: #2379
It should not happen anymore.
They were both fixed in #2379 . This is the use of distributePolicy which use only the debian logrotate that have reintroduce this bug.
Updated by Nicolas PERRON over 11 years ago
- Status changed from New to Pending technical review
- % Done changed from 0 to 100
Applied in changeset commit:c164347663460ea2fa0e9d7db1dd43f421ceb996.
Updated by Nicolas PERRON over 11 years ago
This was not a 2.4 bug but a 2.3 one, like for #2379.
I have to cherry pick theses commits in 2.3 branch
Updated by Nicolas PERRON over 11 years ago
- Status changed from Pending technical review to In progress
- % Done changed from 100 to 80
Nicolas PERRON wrote:
This was not a 2.4 bug but a 2.3 one, like for #2379.
I have to cherry pick theses commits in 2.3 branch
Wrong, this issue has been introduce since #2209 which is on 2.4 branch. The add of logrotate configuration files in Techniques has been the trigger of all this confusion. Then, 2.3 branch must not be modified.
Initially, on rudder-technique repository, only one logrotate file has been copied although two files exist (one for debian-like system and another for the others). This commit repair partially the bug. Some modifications has to be made in rudder-packages.
Updated by Nicolas PERRON over 11 years ago
- Status changed from In progress to Pending technical review
- % Done changed from 80 to 100
Now, it should be completly done since logrotate is installed only from rudder-techniques.
Updated by Jonathan CLARKE over 11 years ago
- Status changed from Pending technical review to Released
Updated by Nicolas PERRON about 11 years ago
- Project changed from Rudder to 34
- Category deleted (
11)
Updated by Benoît PECCATTE about 9 years ago
- Project changed from 34 to Rudder
- Category set to Packaging