Cutting permission of logrotate file

1、 Problem description

logrotate When cutting files , Report errors

[email protected] 11:04:53:/usr# logrotate -d /etc/logrotate.d/rsyslog 

Error message ：

rotating pattern: /var/log/syslog
 after 1 days (14 rotations)
olddir is archive, empty log files are not rotated, old logs are removed
considering log /var/log/syslog
error: skipping "/var/log/syslog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. rotating pattern: /var/log/kern.log /var/log/auth.log weekly (14 rotations) olddir is archive, empty log files are not rotated, old logs are removed considering log /var/log/kern.log error: skipping "/var/log/kern.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/auth.log
error: skipping "/var/log/auth.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

2、 analysis

The error messages are the same , Pick out a paragraph , as follows ：

error: skipping “/var/log/syslog” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

The main reason is the problem of permission , You need to specify the user or group to execute the script .

Actually , The solution is also given ：
Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

3、 resolvent

stay logrotate The configuration of , Specify users and groups ,su root root.

logrotate The full configuration is as follows ：

/var/log/syslog
{
    
    su root root  #  Designated user 、 Group 
    daily
    rotate 14
    missingok
    notifempty
    
# delaycompress
# compress
    
    dateext
    dateformat -%Y-%m-%d
    
    olddir archive
    
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}

/var/log/kern.log
/var/log/auth.log
{
    
    su root root #  Designated user 、 Group 
    weekly
    rotate 14
    missingok
    notifempty
    
# compress 
# delaycompress
    
    olddir archive
    
    dateext
    dateformat -%Y-%m-%d
    
    sharedscripts
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}