Logrotate failing

baz123 · 27 February 2020 16:50

Hi Folks,

logrotate is failing when a full log option has been selected.

Feb 27 00:00:33 DietPi systemd[1]: Starting Rotate log files...
Feb 27 00:00:33 DietPi logrotate[1497]: error: skipping "/var/log/alternatives.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

root@DietPi:~# ls -la /var/
drwxrwxrwt  7 root root         360 Feb 27 01:22 log

I note the sticky bit is set (though I am unaware as to how or what that means!).

Joulinar · 27 February 2020 19:35

hi,

the permission vor /var/log should be 755

baz123 · 27 February 2020 20:26

I haven’t changed them.

Software installed is

root@DietPi:/etc/cron.daily# dietpi-software list | grep " =2 "
id 0 | =2 | openssh client:  |
id 17 | =2 | git client: git clone etc |
id 65 | =2 | netdata: real-time performance monitoring | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/54
id 92 | =2 | certbot: free, ssl cert install allowing https:// | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/42
id 101 | =2 | log rotate: rotates log files | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/21
id 102 | =2 | rsyslog: system logging | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/21
id 103 | =2 | dietpi-ramlog: minimal, optimised logging | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/21
id 105 | =2 | openssh server: feature rich ssh server | | https://dietpi.com/forum/t/dietpi-software-details-for-all-installation-options/22/18
id 152 | =2 | avahi-daemon: hostname broadcast (mac, pc bonjour) |

I note that dietpi-ramlog is still installed even though I have selected full logging. Is that correct?

Just looking, I think it might be netdata fiddling with permissions.

root@DietPi:/var/log# ls -la
total 372
drwxr-xr-x  6 root    root    340 Feb 27 16:04 .
drwxr-xr-x 12 root    root   4096 Feb 24 14:58 ..
-rwxr-xr-x  1 root    root      0 Feb 24 15:08 alternatives.log
drwxr-xr-x  2 root    root    100 Feb 27 16:05 apt
-rwxr-xr-x  1 root    adm    1079 Feb 27 20:17 auth.log
-rwxr-xr-x  1 root    utmp      0 Feb 27 16:05 btmp
-rwxr-xr-x  1 root    adm   14171 Feb 27 16:32 daemon.log
-rwxr-xr-x  1 root    adm   36127 Feb 27 16:05 debug
-rwxr-xr-x  1 root    root      0 Feb 27 16:05 dpkg.log
-rwxr-xr-x  1 root    adm  108113 Feb 27 16:05 kern.log
-rwxr-xr-x  1 root    utmp    292 Feb 27 16:18 lastlog
drwxr-xr-x  2 root    root     60 Feb 27 16:04 letsencrypt
-rwxr-xr-x  1 root    adm   71908 Feb 27 16:05 messages
drwxr-sr-x  2 netdata adm     100 Feb 24 15:03 netdata
drwxr-xr-x  2 root    root     40 Feb 24 15:05 private
-rwxr-xr-x  1 root    adm  123342 Feb 27 20:17 syslog
-rwxr-xr-x  1 root    utmp   1920 Feb 27 16:18 wtmp

Joulinar · 27 February 2020 21:05

what is now the permission of /var/log themselves ? did you set it back to 755?

regarding the RamLog, pls can you post the following

journalctl -u dietpi-ramlog_disable.service

baz123 · 2 March 2020 13:32

No I have left it for now.

root@DietPi:~# journalctl -u dietpi-ramlog_disable.service
-- Logs begin at Fri 2020-02-28 16:16:30 GMT, end at Mon 2020-03-02 13:25:14 GMT. --
-- No entries --

In DietPi-Software it states “Log System : [Full]”

root@DietPi:~# systemctl status dietpi-ramlog_disable.service
Unit dietpi-ramlog_disable.service could not be found.

root@DietPi:~# systemctl status dietpi-ramlog.service
● dietpi-ramlog.service - DietPi-RAMlog
   Loaded: loaded (/etc/systemd/system/dietpi-ramlog.service; enabled; vendor preset: enabled)
   Active: active (exited) since Fri 2020-02-28 16:16:31 GMT; 2 days ago
  Process: 270 ExecStartPre=/bin/mkdir -p /var/tmp/dietpi/logs (code=exited, status=0/SUCCESS)
  Process: 272 ExecStart=/bin/dash -c /boot/dietpi/func/dietpi-ramlog 0 2>&1 >> /var/tmp/dietpi/logs/dietpi-ramlog.log (code=exited, status=0/SUCCESS)
 Main PID: 272 (code=exited, status=0/SUCCESS)

Feb 28 16:16:31 DietPi systemd[1]: Starting DietPi-RAMlog...
Feb 28 16:16:31 DietPi systemd[1]: Started DietPi-RAMlog.

Joulinar · 2 March 2020 13:50

looks like ramlog was not deactivated correctly as you are missing dietpi-ramlog_disable.service

I would recommend to change logging back and try to re-initiate

change logging back > 1: RamLog
reboot
change logging > 3: FULL
reboot
check if dietpi-ramlog_disable.service exist