Bug #2820
closedlogrotate doesn't seem to work on SuSE
Description
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
# logrotate -v /etc/logrotate.d/rudder reading config file /etc/logrotate.d/rudder reading config info for /var/log/rudder/apache2/*.log error: /etc/logrotate.d/rudder:8 unknown group 'adm' error: found error in /var/log/rudder/apache2/*.log , skipping removing last 1 log configs error: /etc/logrotate.d/rudder:11 lines must begin with a keyword or a filename (possibly in double quotes) error: /etc/logrotate.d/rudder:12 unknown option 'if' -- ignoring line error: /etc/logrotate.d/rudder:12 unexpected text error: /etc/logrotate.d/rudder:13 unknown option 'invoke' -- ignoring line error: /etc/logrotate.d/rudder:13 unexpected text error: /etc/logrotate.d/rudder:14 unknown option 'else' -- ignoring line error: /etc/logrotate.d/rudder:15 duplicate log entry for fi error: found error in /etc/init.d/apache2 reload > /dev/null fi fi endscript } /var/log/rudder/ldap/slapd.log , skipping removing last 1 log configs reading config info for /var/log/rudder/reports/*.log error: /etc/logrotate.d/rudder:32 unknown group 'adm' error: found error in /var/log/rudder/reports/*.log , skipping removing last 1 log configs Handling 3 logs rotating pattern: /var/log/rudder/apache2/*.log after 1 days (30 rotations) empty log files are not rotated, old logs are removed considering log /var/log/rudder/apache2/access.log log does not need rotating considering log /var/log/rudder/apache2/error.log log does not need rotating rotating pattern: /etc/init.d/apache2 reload > /dev/null fi fi endscript } /var/log/rudder/ldap/slapd.log 1048576 bytes (no old logs will be kept) empty log files are rotated, old logs are removed considering log /etc/init.d/apache2 log does not need rotating considering log reload error: stat of reload failed: Aucun fichier ou dossier de ce type considering log > error: stat of > failed: Aucun fichier ou dossier de ce type considering log /dev/null log does not need rotating considering log fi error: stat of fi failed: Aucun fichier ou dossier de ce type rotating pattern: /var/log/rudder/reports/*.log after 1 days (30 rotations) empty log files are not rotated, old logs are removed considering log /var/log/rudder/reports/all.log log does not need rotating considering log /var/log/rudder/reports/extLinuxReport.log log does not need rotating considering log /var/log/rudder/reports/extWinReport.log log does not need rotating considering log /var/log/rudder/reports/linuxlog.log log does not need rotating considering log /var/log/rudder/reports/winlog.log log does not need rotatingTwo reasons:
- 'adm' group doesn't exit on SuSE
- sharedscript part seems to not be correctly parsed
Updated by Nicolas PERRON over 12 years ago
Nicolas PERRON wrote:
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
[...]
Two reasons:
- 'adm' group doesn't exit on SuSE
(cf http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.1):
adm: Group adm is used for system monitoring tasks. Members of this group can read many log files in /var/log, and can use xconsole. Historically, /var/log was /usr/adm (and later /var/adm), thus the name of the group.
adm is an history group which doesn't exist in SLES. We should not use it.
Maybe 'root' should be use instead ?
- sharedscript part seems to not be correctly parsed
This is an issue already fixed here: #2379
It should not happen anymore.
Updated by Nicolas PERRON over 12 years ago
Nicolas PERRON wrote:
Nicolas PERRON wrote:
With Rudder 2.4.0~beta2 Rudder server on a SLES 11, logrotate doesn"t seem to work:
[...]
Two reasons:
- 'adm' group doesn't exit on SuSE
(cf http://www.debian.org/doc/manuals/securing-debian-howto/ch12.en.html#s12.1):
adm: Group adm is used for system monitoring tasks. Members of this group can read many log files in /var/log, and can use xconsole. Historically, /var/log was /usr/adm (and later /var/adm), thus the name of the group.adm is an history group which doesn't exist in SLES. We should not use it.
Maybe 'root' should be use instead ?
- sharedscript part seems to not be correctly parsed
This is an issue already fixed here: #2379
It should not happen anymore.
They were both fixed in #2379 . This is the use of distributePolicy which use only the debian logrotate that have reintroduce this bug.
Updated by Nicolas PERRON over 12 years ago
- Status changed from New to Pending technical review
- % Done changed from 0 to 100
Applied in changeset commit:c164347663460ea2fa0e9d7db1dd43f421ceb996.
Updated by Nicolas PERRON over 12 years ago
This was not a 2.4 bug but a 2.3 one, like for #2379.
I have to cherry pick theses commits in 2.3 branch
Updated by Nicolas PERRON over 12 years ago
- Status changed from Pending technical review to In progress
- % Done changed from 100 to 80
Nicolas PERRON wrote:
This was not a 2.4 bug but a 2.3 one, like for #2379.
I have to cherry pick theses commits in 2.3 branch
Wrong, this issue has been introduce since #2209 which is on 2.4 branch. The add of logrotate configuration files in Techniques has been the trigger of all this confusion. Then, 2.3 branch must not be modified.
Initially, on rudder-technique repository, only one logrotate file has been copied although two files exist (one for debian-like system and another for the others). This commit repair partially the bug. Some modifications has to be made in rudder-packages.
Updated by Nicolas PERRON over 12 years ago
- Status changed from In progress to Pending technical review
- % Done changed from 80 to 100
Now, it should be completly done since logrotate is installed only from rudder-techniques.
Updated by Jonathan CLARKE over 12 years ago
- Status changed from Pending technical review to Released
Updated by Nicolas PERRON almost 12 years ago
- Project changed from Rudder to 34
- Category deleted (
11)
Updated by Benoît PECCATTE almost 10 years ago
- Project changed from 34 to Rudder
- Category set to Packaging