1330244 – Candlepin logrotate error on RHEL6.7

Bug 1330244 - Candlepin logrotate error on RHEL6.7

Summary: Candlepin logrotate error on RHEL6.7

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Candlepin
Classification:	Community
Component:	candlepin
Sub Component:
Version:	0.9.49
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	vritant
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1329573 1330245 1330246 1351652
TreeView+	depends on / blocked

Reported:	2016-04-25 17:43 UTC by Barnaby Court
Modified:	2016-06-30 13:40 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1329573
Clones:	1330245 (view as bug list)
Environment:
Last Closed:	2016-06-30 13:40:18 UTC
Embargoed:

Attachments	(Terms of Use)

Description Barnaby Court 2016-04-25 17:43:18 UTC

+++ This bug was initially created as a clone of Bug #1329573 +++

Description of problem:
The fix for BZ1310173 introduced in:

* Thu Mar 10 2016 Alex Wood <awood> 0.9.49.12-1
- removing initialization of pool.entitlements (fnguyen)
- Introducing batching to CRL job to workaround Postgres IN clause limit
  (fnguyen)
- 1310173: Backport logrotate config entry (wpoteat)
- Mass Pool lock (fnguyen)

Causes logrotate failures under RHEL6.7 to be reported through Cron:

-------
From: Anacron [root.hilti.com] 
Sent: Mittwoch, 20. April 2016 05:49
To: root.hilti.com
Subject: Anacron job 'cron.daily' on li-lc-1578

/etc/cron.daily/logrotate:

error: candlepin:2 unknown option 'su' -- ignoring line
error: candlepin:2 unexpected text
-------

vrempet@li-lc-1578 ~
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.7 (Santiago)

vrempet@li-lc-1578 ~
$ rpm -qf /etc/logrotate.d/candlepin
candlepin-0.9.49.12-1.el6.noarch



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Install candlepin-0.9.49.12-1.el6.noarch on RHEL6.7
2. Exeute:
$ sudo logrotate /etc/logrotate.conf
error: candlepin:2 unknown option 'su' -- ignoring line
error: candlepin:2 unexpected text

3.

Actual results:
Error

Expected results:
Success

Additional info:

--- Additional comment from Peter Vreman on 2016-04-22 05:43:37 EDT ---

RHEL6.7 provides:

vrempet@li-lc-1578 ~
$ rpm -q logrotate
logrotate-3.7.8-26.el6_7.x86_64


The used 'su' command is only introduced in 3.8.0 of logrotate:

3.7.9 -> 3.8.0
        - added "dateyesterday" option (see man page)
        - fixed crash when config file had exactly 4096*N bytes
        - added WITH_ACL make option to link against -lacl and preserve ACLs
          during rotation
        - added "su" option to define user/group for rotation. Logrotate now
          skips directories which are world writable or writable by group
          which is not "root" unless "su" directive is used.
        - fixed CVE-2011-1098: race condition by creation of new files
        - fixed possible shell injection when using "shred" directive (CVE-2011-1154)
        - fixed escaping of file names within 'write state' action (CVE-2011-1155)
        - better 'size' directive description
        - fixed possible buffer-overflow when reading config files
        - NetBSD/FreeBSD compilation fixes
        - Solaris compilation fixes

Note You need to log in before you can comment on or make changes to this bug.