Page MenuHomePhabricator

Address logrotate.service warnings
Closed, ResolvedPublic

Description

Apr 28 00:00:01 web2.translatewiki.net systemd[1]: Starting Rotate log files...
Apr 28 00:00:05 web2.translatewiki.net logrotate[19185]: error: skipping "/www/translatewiki.net/logs/error_php" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Apr 28 00:00:05 web2.translatewiki.net logrotate[19185]: error: skipping "/www/translatewiki.net/logs/error_js" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Apr 28 00:00:05 web2.translatewiki.net logrotate[19185]: error: skipping "/www/translatewiki.net/logs/access_cli" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Apr 28 00:00:05 web2.translatewiki.net logrotate[19185]: error: skipping "/www/translatewiki.net/logs/debug" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Apr 28 00:00:05 web2.translatewiki.net logrotate[19185]: error: skipping "/www/translatewiki.net/logs/details" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Apr 28 00:00:05 web2.translatewiki.net systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Apr 28 00:00:05 web2.translatewiki.net systemd[1]: logrotate.service: Failed with result 'exit-code'.
Apr 28 00:00:05 web2.translatewiki.net systemd[1]: Failed to start Rotate log files.

Outcome

Translatewiki.net MediaWiki debug log files are rotated, to limit the space they use and to automatically purge potentially sensitive information after a given time period.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 28 2020, 1:50 PM
Nikerabbit triaged this task as High priority.Jun 3 2020, 2:44 PM

Change 603403 had a related patch set uploaded (by Nikerabbit; owner: Nikerabbit):
[translatewiki@master] Puppet: Fix log rotation and log permissions

https://gerrit.wikimedia.org/r/603403

Change 603405 had a related patch set uploaded (by Nikerabbit; owner: Nikerabbit):
[translatewiki@master] Puppet: Remove old logrotate module

https://gerrit.wikimedia.org/r/603405

Change 603403 merged by jenkins-bot:
[translatewiki@master] Puppet: Fix log rotation and log permissions

https://gerrit.wikimedia.org/r/603403

Change 603405 merged by jenkins-bot:
[translatewiki@master] Puppet: Remove old logrotate module

https://gerrit.wikimedia.org/r/603405

Nikerabbit closed this task as Resolved.Jun 11 2020, 1:24 PM
Nikerabbit updated the task description. (Show Details)