Bug#606959: logrotate script should set correct owner/group
Laurent Bigonville
bigon at debian.org
Mon Dec 13 15:44:46 UTC 2010
Le Mon, 13 Dec 2010 16:26:20 +0200,
Tzafrir Cohen <tzafrir.cohen at xorcom.com> a écrit :
> Sorry, but I fail to see no problem here.
>
> The directory /var/log/asterisk is owned by asterisk (permissions set
> in postinst script).
>
> After log rotation, asterisk is ordered 'logger reload', which reopens
> log files (and generating new ones if needed).
>
> Could you please give more details on how to reproduce the problem?
According to logrotate manpage[1] the new file is created by logrotate
just after the rotation with the permissions of the old one.
So if for some reasons the file is missing or has bad permissions
asterisk will not (re)start and nothing will fix the permissions.
I think adding "create 644 asterisk asterisk" could be interesting.
Or ever better solution is to use "create 640 asterisk adm" (some other
daemons are doing something similar),but this would also requires
changing group of the directory to adm I guess.
Cheers
Laurent Bigonville
[1] create mode owner group
Immediately after rotation (before the postrotate script is run) the log file is created (with the same name as the log file just rotated). mode speci‐
fies the mode for the log file in octal (the same as chmod(2)), owner specifies the user name who will own the log file, and group specifies the group the
log file will belong to. Any of the log file attributes may be omitted, in which case those attributes for the new file will use the same values as the
original log file for the omitted attributes. This option can be disabled using the nocreate option.
More information about the Pkg-voip-maintainers
mailing list