Bug 146597 - httpd logs not rotating
httpd logs not rotating
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: logrotate (Show other bugs)
3
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Vrabec
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-30 04:10 EST by Stephan Borg
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-02-11 05:18:52 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
State prior to logrotation error (34.50 KB, application/x-gzip-compressed)
2005-01-31 16:11 EST, Stephan Borg
no flags Details
Debug output from logrotate (20.03 KB, text/plain)
2005-02-08 06:17 EST, Stephan Borg
no flags Details
modified logrotate (66.18 KB, application/octet-stream)
2005-02-09 09:31 EST, Peter Vrabec
no flags Details
Output of verbose logrotate (23.91 KB, text/plain)
2005-02-09 16:12 EST, Stephan Borg
no flags Details

  None (edit)
Description Stephan Borg 2005-01-30 04:10:29 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7)
Gecko/20040808 Firefox/0.9.3

Description of problem:
During httpd log rotation, get the following error:
error: error running shared postrotate script for /var/log/httpd/*log

Version-Release number of selected component (if applicable):
logrotate-3.7.1-2

How reproducible:
Always

Steps to Reproduce:
1.logrotate /etc/logrotate.conf
    

Actual Results:  error: error running shared postrotate script for
/var/log/httpd/*log

Expected Results:  No errors

Additional info:

To fix the problem, I have changed the first line in
/etc/logrotate.d/httpd to:

/var/log/httpd/*.log {

Problem no longer occurs.
Comment 1 Stephan Borg 2005-01-30 04:13:56 EST
Sorry, just realised that *.log is not going to find any logs in
/var/log/httpd/

Changed to *_log and appears not to get an error now - not sure if its
working - will find out next week.
Comment 2 Peter Vrabec 2005-01-31 09:59:06 EST
I can't reproduce it.

Send me content of your
/etc/logrotate.d/httpd, /etc/logrotate.conf
and
verbose output from logrotate
Comment 3 Stephan Borg 2005-01-31 16:11:17 EST
Created attachment 110460 [details]
State prior to logrotation error

I tried to create the state prior to the error - and the last line of
logrotate.txt shows verbose out of the error occurring.

The only difference I found, is that logrotate would always show this error
when executed repeatedly.

Three points I should mention:
1 - I have SELinux enabled, not sure how this affects log rotation.
2 - I have custom httpd scripts, whose naming convention maybe causing the
error.
3 - When the logrotate error occurs, it appears that all logs are rotated, but
services such as httpd and syslogd are not restarted correctly. This was how I
noticed the error in the first place.
Comment 4 Peter Vrabec 2005-02-01 05:53:09 EST
I still can't reproduce it even with your logrotate.conf, httpd and logs.

Could u send me your debug output(logrotate -d).
Which root shell do u use?
What did u mean by "logrotate would always show this error
when executed repeatedly".
Comment 5 Stephan Borg 2005-02-01 06:07:13 EST
I use bash shell.

I can't reproduce the error consistently now either.

After I applied the first work around - the error disappeared and I've
only got it to come back once since then.

Whereas, prior to the work around - everytime I ran logrotate, it
would give me 'error running shared postrotate script for
/var/log/httpd/*log' and not restart any services.

If you wish, we can close off this bug - and if it reoccurs, I won't
touch it and log another bug.
Comment 6 Stephan Borg 2005-02-08 06:17:31 EST
Created attachment 110789 [details]
Debug output from logrotate

Problem reoccured this week during cron log rotation. Have attached debug
logrotate output as requested. Will leave in broken state should you require
further testing.
Comment 7 Peter Vrabec 2005-02-09 09:31:56 EST
Created attachment 110869 [details]
modified logrotate

Try reproduce the bug with this modified(added more verbose messages)
logrotate. 

need output of this
# ./logrotate -v -f /etc/logrotate.conf
Comment 8 Stephan Borg 2005-02-09 16:12:28 EST
Created attachment 110894 [details]
Output of verbose logrotate

As requested.
Comment 9 Peter Vrabec 2005-02-10 09:33:33 EST
Logrotate fail to execlp temporary file from /tmp.

I think SELinux cause your problem, try to disable it, or allow
logrotate to exec files from /tmp
Comment 10 Daniel Walsh 2005-02-10 09:43:28 EST
Please do not disable SELinux.  You can turn SELinux into permissive
mode by setenforce 0, or changing the /etc/selinux/config file.
logrotate should be running with full privs in a targeted system.  Are
you seeing any AVC messages in the /var/log/messages file?  

Dan
Comment 11 Stephan Borg 2005-02-10 17:20:03 EST
OK - discovered what it was.

I have mounted my /tmp parition with the noexec attribute - apparently
this was causing all the trouble.

Not sure what the right way forward is from here - should executable
scripts be allowed from within /tmp ?

Comment 12 Peter Vrabec 2005-02-11 05:18:52 EST
I think, it is not so secure to allow execute scripts from /tmp.
I don't know SELinux enought but it may be right thing to limit this.
Comment 13 Stephan Borg 2005-02-11 07:05:29 EST
To be honest, I don't believe this to be an SELinux problem, but rather a
logrotate problem. I guess someone with intimiate knowledge of logrotate can
confirm.
Comment 14 Colin Walters 2005-02-11 10:21:20 EST
Mounting /tmp with noexec is like locking up your bike with a string.
 It might slow down an attacker for a second or two at most.  Don't
bother; it's not worth the breakage it can cause for legitimate
applications.

Note You need to log in before you can comment on or make changes to this bug.