Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BUG: fix logrotate ownership options #2111

Merged
1 commit merged into from
Sep 16, 2021
Merged

BUG: fix logrotate ownership options #2111

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ CHANGELOG
### Tools

### Contrib
- logrotate: Move compress and ownership rules to the IntelMQ-blocks to prevent that they apply to other files (PR#2111 by Sebastian Wagner, fixes #2110).

### Known issues

Expand Down
8 changes: 8 additions & 0 deletions NEWS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,14 @@ The field names for all data added to messages must match a pre-defined format.
The check which ensures this, was ineffective prior to this version and is effective again starting with version 3.1.0.
The [Data format documentation](https://intelmq.readthedocs.io/en/maintenance/dev/data-format.html#rules-for-keys) describes the required format.

### Logrotate
The packaged configuration for logrotate falsely contained options applying to other programs' log files. This caused wrong ownerships of log files.
This issues is corrected, but the ownership of affected log files may need to be changed manually.
To find affected files, you may use:
```bash
sudo find /var/log/ -user intelmq ! -path \*intelmq\*
```

### Configuration

### Libraries
Expand Down
10 changes: 6 additions & 4 deletions contrib/logrotate/intelmq
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
compress
delaycompress
create 644 intelmq intelmq

/opt/intelmq/var/log/*.log {
su intelmq intelmq
daily
maxsize 10M
rotate 60
notifempty
compress
delaycompress
create 644 intelmq intelmq
sharedscripts
postrotate
sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload
Expand All @@ -20,6 +19,9 @@ create 644 intelmq intelmq
maxsize 10M
rotate 60
notifempty
compress
delaycompress
create 644 intelmq intelmq
sharedscripts
postrotate
sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload file-output
Expand Down
19 changes: 8 additions & 11 deletions debian/patches/fix-logrotate-path.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,21 +1,18 @@
Description: Fix paths in logrotate configuration to obey FHS
Author: Gernot Schulz <[email protected]>, Sebastian Wagner <[email protected]>
Last-Update: 2021-03-03
Last-Update: 2021-09-14
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/contrib/logrotate/intelmq 2021-03-03 11:08:37.811638328 +0100
+++ b/contrib/logrotate/intelmq 2021-03-03 11:09:27.415930805 +0100
@@ -2,7 +2,7 @@
delaycompress
create 644 intelmq intelmq

--- a/contrib/logrotate/intelmq
+++ b/contrib/logrotate/intelmq
@@ -1,4 +1,4 @@
-/opt/intelmq/var/log/*.log {
+/var/log/intelmq/*.log {
su intelmq intelmq
daily
maxsize 10M
@@ -10,11 +10,11 @@
notifempty
@@ -9,11 +9,11 @@
create 644 intelmq intelmq
sharedscripts
postrotate
- sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload
Expand All @@ -28,8 +25,8 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
su intelmq intelmq
daily
maxsize 10M
@@ -22,6 +22,6 @@
notifempty
@@ -24,6 +24,6 @@
create 644 intelmq intelmq
sharedscripts
postrotate
- sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload file-output
Expand Down