logrotate errors - setting user/group

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
zebee
Posts: 7
Joined: Wed Aug 14, 2019 4:54 pm

logrotate errors - setting user/group

Post by zebee »

Fresh offline install of 5.8.5.1 on RHEL8.
Root's mail has logrotate failures:
/etc/cron.daily/logrotate: error: error setting owner of /usr/local/nagiosxi/var/cleaner.log-20210816 to uid 5557 and gid 100: Operation not permitted error: error setting owner of /usr/local/nagiosxi/var/dbmaint.log-20210816 to uid 5557 and gid 100: Operation not permitted error: error setting owner of /usr/local/nagiosxi/var/sysstat.log-20210816 to uid 5557 and gid 100: Operation not permitted

nagios is
uid=5557(nagios) gid=100(users) groups=100(users),5559(nagcmd),5560(nagios)

looks like rotating is failing anyway:
[root@mondevappla001 logrotate.d]# ls -l /usr/local/nagiosxi/var/clean*
-rw-r--r-- 1 nagios users 6995086 Aug 16 16:14 /usr/local/nagiosxi/var/cleaner.log
-rw------- 1 nagios nagios 0 Aug 14 03:12 /usr/local/nagiosxi/var/cleaner.log-20210814
-rw------- 1 nagios nagios 0 Aug 15 03:25 /usr/local/nagiosxi/var/cleaner.log-20210815
-rw------- 1 nagios nagios 0 Aug 16 03:27 /usr/local/nagiosxi/var/cleaner.log-20210816

Not sure why it is using gid 100 the logrotate stanza says
/usr/local/nagiosxi/var/*log {
missingok
notifempty
size 5M
copytruncate
su nagios nagios
rotate 1
compress


Zebee
Top
User avatar
pbroste
Posts: 1288
Joined: Tue Jun 01, 2021 1:27 pm

Re: logrotate errors - setting user/group

Post by pbroste »

Hello @zebee

Thanks for reaching out on the logrotate issue. Looking over the details we are not sure why it is running the logrotate as 'user' and want to start by digging in a bit.

We would expect to see the following permissions:
ls -lahrt /etc/logrotate.d/nagiosxi
-rw-r--r-- 1 root root /etc/logrotate.d/nagiosxi
And
ls -ldhrt /usr/local/nagiosxi/var
drwxrwxr-x 7 nagios nagios 4.0K Aug 16 12:56 /usr/local/nagiosxi/var
Option to add create 0664 nagios nagios to your /etc/logrotate.d/nagiosxi
 so it looks like this:

Code: Select all

/usr/local/nagiosxi/var/*log {
    missingok
    notifempty
    size 5M
    copytruncate
    su nagios nagios
    rotate 1
    compress
    create 0664 nagios nagios
}
Now that we verified let's run the logrotation manually from command with logging and debug:

Code: Select all

logrotate -f -v -d --log /tmp/logrotate_results.txt /etc/logrotate.d/nagiosxi
Please review and send the /tmp/logrotate_results.txt to me via Private Message along with the System Profile so we can see what is going on.

To send us your system profile.
  • Login to the Nagios XI GUI using a web browser.
  • Click the "Admin" > "System Profile" Menu
  • Click the "Download Profile" button
  • Save the profile.zip file and share
Thanks,
Perry
Top
Locked

Return to “Nagios XI”