"error: skipping "somthing.log" because parent directory has insecure..."


3 posts in this topic Last Reply

Recommended Posts

I get an email every day with the following:

 

error: skipping "/var/log/docker.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/vsftpd.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/wtmp" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/btmp" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

 

Also reported many times elsewhere:

 

http://lime-technology.com/forum/index.php?topic=36527.msg339961#msg339961

http://lime-technology.com/forum/index.php?topic=36527.msg339963#msg339963

http://lime-technology.com/forum/index.php?topic=36527.msg339973#msg339973

http://lime-technology.com/forum/index.php?topic=36527.msg339985#msg339985

http://lime-technology.com/forum/index.php?topic=36527.msg341657#msg341657

http://lime-technology.com/forum/index.php?topic=37201.msg343880#msg343880

 

Help? Advice?

 

[update]

How to fix:

https://linuxslut.net/logrotate-parent-directory-has-insecure-permissions/

https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1278193

https://www.novell.com/support/kb/doc.php?id=7005219

 

I added “su root root” to the bottom of of each file in /etc/logrotate.d.  Example in attached image.

 

I think it is also possible to address this via “/etc/logrotate.conf” and possibly that is the only file that needs editing.  I just didn’t want to break everything. 

 

Of course the changes are lost if you reboot. 

log.png.47bd033b244cd7e518274e15dacf67b9.png

Link to post
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.