Logrotate: Postrotate setfacl falhou sem esse arquivo ou erro de diretório

1

Eu configurei algumas entradas de ACL estendidas para /var/log/squid3/ e /var/log/squid3/access.log .

sudo setfacl -m u:jetty:r-x,g:adm:r-x /var/log/squid3
sudo setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log

Como o log está em rotação diária, perco os acls todos os dias.

Edito sudo nano /etc/logrotate.d/squid3 , mas não está funcionando.

running postrotate script
setfacl: /var/log/squid3/access.log: No such file or directory
error: error running shared postrotate script for '/var/log/squid3/*.log '

Meu fragmento de logrotate do squid3:

/var/log/squid3/*.log {
        daily
        compress
        delaycompress
        rotate 2
        missingok
        nocreate
        sharedscripts
        prerotate
                test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports
        endscript
        postrotate
                test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate
                /usr/bin/setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log
        endscript
}

Uma execução a seco de sudo logrotate -vdf /etc/logrotate.d/squid3 fornece:

reading config file /etc/logrotate.d/squid3

Handling 1 logs

rotating pattern: /var/log/squid3/*.log  forced from command line (2 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/squid3/access.log
  log needs rotating
considering log /var/log/squid3/cache.log
  log needs rotating
rotating log /var/log/squid3/access.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/access.log.2.gz to /var/log/squid3/access.log.3.gz (rotatecount 2, logstart 1, i 2), 
renaming /var/log/squid3/access.log.1.gz to /var/log/squid3/access.log.2.gz (rotatecount 2, logstart 1, i 1), 
renaming /var/log/squid3/access.log.0.gz to /var/log/squid3/access.log.1.gz (rotatecount 2, logstart 1, i 0), 
rotating log /var/log/squid3/cache.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/cache.log.2.gz to /var/log/squid3/cache.log.3.gz (rotatecount 2, logstart 1, i 2), 
renaming /var/log/squid3/cache.log.1.gz to /var/log/squid3/cache.log.2.gz (rotatecount 2, logstart 1, i 1), 
renaming /var/log/squid3/cache.log.0.gz to /var/log/squid3/cache.log.1.gz (rotatecount 2, logstart 1, i 0), 
running prerotate script
running script (multiple) with arg /var/log/squid3/*.log : "
        test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports
"
renaming /var/log/squid3/access.log to /var/log/squid3/access.log.1
renaming /var/log/squid3/cache.log to /var/log/squid3/cache.log.1
running postrotate script
running script (multiple) with arg /var/log/squid3/*.log : "
        test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate
        /usr/bin/setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log
"
removing old log /var/log/squid3/access.log.3.gz
removing old log /var/log/squid3/cache.log.3.gz

Uma corrida forçada gera um erro:

sudo logrotate -vf /etc/logrotate.d/squid3 
reading config file /etc/logrotate.d/squid3

Handling 1 logs

rotating pattern: /var/log/squid3/*.log  forced from command line (2 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/squid3/access.log
  log needs rotating
considering log /var/log/squid3/cache.log
  log needs rotating
rotating log /var/log/squid3/access.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/access.log.2.gz to /var/log/squid3/access.log.3.gz (rotatecount 2, logstart 1, i 2), 
renaming /var/log/squid3/access.log.1.gz to /var/log/squid3/access.log.2.gz (rotatecount 2, logstart 1, i 1), 
renaming /var/log/squid3/access.log.0.gz to /var/log/squid3/access.log.1.gz (rotatecount 2, logstart 1, i 0), 
old log /var/log/squid3/access.log.0.gz does not exist
rotating log /var/log/squid3/cache.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/cache.log.2.gz to /var/log/squid3/cache.log.3.gz (rotatecount 2, logstart 1, i 2), 
renaming /var/log/squid3/cache.log.1.gz to /var/log/squid3/cache.log.2.gz (rotatecount 2, logstart 1, i 1), 
renaming /var/log/squid3/cache.log.0.gz to /var/log/squid3/cache.log.1.gz (rotatecount 2, logstart 1, i 0), 
old log /var/log/squid3/cache.log.0.gz does not exist
running prerotate script
renaming /var/log/squid3/access.log to /var/log/squid3/access.log.1
renaming /var/log/squid3/cache.log to /var/log/squid3/cache.log.1
running postrotate script
setfacl: /var/log/squid3/access.log: No such file or directory
error: error running shared postrotate script for '/var/log/squid3/*.log '
    
por user3365917 07.03.2014 / 11:00

1 resposta

0

Um primeiro palpite é que o arquivo /var/log/squid3/access.log ainda não foi recriado quando o comando setfacl for executado.

Para resolver isso, remova o nocreate em sua configuração do logrotate ou substitua-o por um create <mode> <owner> <group> para ter o arquivo de registro recriado antes de executar seu comando postrotate.

    
por 07.03.2014 / 12:52