Bug 1056515

Summary: logrotate complains about insecure /var/log/rhn permissions
Product: [Community] Spacewalk Reporter: Jan Hutař <jhutar>
Component: ServerAssignee: Jan Dobes <jdobes>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.1CC: jdobes, mmraka
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: spacewalk-backend-2.1.49 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1083975 (view as bug list) Environment:
Last Closed: 2014-03-04 13:08:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1069560, 1083975    

Description Jan Hutař 2014-01-22 11:06:12 UTC 
Description of problem:
Running logrotate on system with Spacewalk installed produces errors.


Version-Release number of selected component (if applicable):
logrotate-3.8.4-3.fc19.x86_64
spacewalk-backend-2.1.42-1.fc19.noarch


How reproducible:
always


Steps to Reproduce:
1. # cat /tmp/tmp.x9sya0HdOa
rotate 40
size=1k
create
missingok
include /etc/logrotate.d
2. # logrotate -f /tmp/tmp.x9sya0HdOa


Actual results:
# logrotate -f /tmp/tmp.x9sya0HdOa
error: skipping "/var/log/rhn/rhn_server_app.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_server_applet.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_config_management.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_config_management_tool.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_server_sat.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_sat_export_internal.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_upload_package_push.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_server.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_server_satellite.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/rhn/rhn_server_xmlrpc.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
# echo $?
1


Expected results:
Should not print any errors and should return 0
Comment 2 Jan Dobes 2014-01-28 16:10:14 UTC 
It depends on version of logrotate. I checked multiple versions and it occurs only with logrotate >= 3.8.0, i. e. versions in latest Fedora's. In RHEL[56] are older versions.
Comment 3 Jan Dobes 2014-02-06 16:39:23 UTC 
fixed in master by commit:
  66509c2cb11dfd6f68208f13d904cdafc68a79d6
Comment 4 Matej Kollar 2014-03-04 13:08:11 UTC 
Spacewalk 2.1 has been released.
https://fedorahosted.org/spacewalk/wiki/ReleaseNotes21
Comment 5 Matej Kollar 2014-03-04 13:09:02 UTC 
Spacewalk 2.1 has been released.
https://fedorahosted.org/spacewalk/wiki/ReleaseNotes21