我有一个自定义的 logrotate 配置,例如:
/var/log/myapp-*log {
daily
rotate 7
missingok
notifempty
su www-data www-data
}
当我跑步时:
sudo logrotate /etc/logrotate.d/myconf --verbose -f
它会产生错误:
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/myapp-stdout.log.7 to /var/log/myapp-stdout.log.8 (rotatecount 7, logstart 1, i 7),
old log /var/log/myapp-stdout.log.7 does not exist
renaming /var/log/myapp-stdout.log.6 to /var/log/myapp-stdout.log.7 (rotatecount 7, logstart 1, i 6),
old log /var/log/myapp-stdout.log.6 does not exist
renaming /var/log/myapp-stdout.log.5 to /var/log/myapp-stdout.log.6 (rotatecount 7, logstart 1, i 5),
old log /var/log/myapp-stdout.log.5 does not exist
renaming /var/log/myapp-stdout.log.4 to /var/log/myapp-stdout.log.5 (rotatecount 7, logstart 1, i 4),
old log /var/log/myapp-stdout.log.4 does not exist
renaming /var/log/myapp-stdout.log.3 to /var/log/myapp-stdout.log.4 (rotatecount 7, logstart 1, i 3),
old log /var/log/myapp-stdout.log.3 does not exist
renaming /var/log/myapp-stdout.log.2 to /var/log/myapp-stdout.log.3 (rotatecount 7, logstart 1, i 2),
old log /var/log/myapp-stdout.log.2 does not exist
renaming /var/log/myapp-stdout.log.1 to /var/log/myapp-stdout.log.2 (rotatecount 7, logstart 1, i 1),
old log /var/log/myapp-stdout.log.1 does not exist
renaming /var/log/myapp-stdout.log.0 to /var/log/myapp-stdout.log.1 (rotatecount 7, logstart 1, i 0),
old log /var/log/myapp-stdout.log.0 does not exist
log /var/log/myapp-stdout.log.8 doesn't exist -- won't try to dispose of it
renaming /var/log/myapp-stdout.log to /var/log/myapp-stdout.log.1
error: failed to rename /var/log/myapp-stdout.log to /var/log/myapp-stdout.log.1: Permission denied
为什么会sudo出现权限被拒绝错误?
跑步ls -lah /var | grep -i log让我明白:
drwxrwxr-x 21 root syslog 56K Oct 16 13:24 log
因此 root 拥有/log。因此sudo logrotate重命名那里的日志文件应该没有问题吧?
答案1
问题出在我的logrotate的su设置上,本来应该是这样的root syslog。