Description of problem:
Version-Release number of selected component (if applicable): 0.5.7
How reproducible: Unknown, reliably on my machine
Steps to Reproduce:
1. (possibly) upgrade from f35
2. Have akmods installed
3. Wait for logrotate
systemd: Starting logrotate.service - Rotate log files...
logrotate: error: skipping "/var/log/akmods/akmods.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
systemd: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Expected results: Logrotate does not fail
$ stat /var/log/akmods/
Size: 20 Blocks: 0 IO Block: 4096 directory
Device: 0,35 Inode: 9525134 Links: 1
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 970/ akmods)
$ cat /etc/logrotate.d/akmods.conf
create 644 root root
Thanks for reporting this issue.
As a temporary workaround and if you don't mind, could you please try
to edit (as root) the /etc/logrotate.d/akmods.conf file, and add one
line containing the su directive as shown above:
create 644 root root
su root akmods
Any feedback about this proposed modification would be welcome.
I can confirm the modification works.
However I am not sure it is the correct solution as no other files on my system use the su directive even when they have different groups, e.g.:
$ stat /var/log/chrony/
Size: 0 Blocks: 0 IO Block: 4096 directory
Device: 0,35 Inode: 158422 Links: 1
Access: (0750/drwxr-x---) Uid: ( 986/ chrony) Gid: ( 982/ chrony)
$ cat /etc/logrotate.d/chrony
/usr/bin/chronyc cyclelogs > /dev/null 2>&1 || true
I'm not familiar enough with logrotate to know why it is not an issue for them.
P.S. the file name akmods.conf also does not seem to follow the convention of the other packages, which use no suffix
FEDORA-2022-cb6b6b6ec2 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-cb6b6b6ec2
FEDORA-2022-cb6b6b6ec2 has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.