Page MenuHomePhabricator
Create Task
Maniphest T283951

Logrotate complains about world-writable permissions
Closed, ResolvedPublic
Actions

Description

Possibly introduced by this changeset.

May 28 20:06:35 thanos-fe1001 systemd[1]: Starting Rotate log files...
May 28 20:06:35 thanos-fe1001 logrotate[16971]: error: skipping "/srv/log/swift/proxy-access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in confi
May 28 20:06:35 thanos-fe1001 logrotate[16971]: error: skipping "/srv/log/swift/proxy.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file 
May 28 20:06:35 thanos-fe1001 logrotate[16971]: error: skipping "/srv/log/swift/server.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file
May 28 20:06:35 thanos-fe1001 systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
May 28 20:06:35 thanos-fe1001 systemd[1]: logrotate.service: Failed with result 'exit-code'.

Appears to affect thanos-(fe|be) and ms-(fe|be) in cron emails.

Details

SubjectRepoBranchLines +/-
Revert "swift: group-writable log directory"operations/puppetproduction+2 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

colewhite created this task.May 28 2021, 8:13 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 28 2021, 8:13 PM
colewhite updated the task description. (Show Details)May 28 2021, 8:17 PM
colewhite updated the task description. (Show Details)
jcrespo added a parent task: T132324: Tracking and Reducing cron-spam to root@ .May 31 2021, 3:25 PM
fgiunchedi added a comment.EditedJun 1 2021, 9:19 AM

Thank you for the followup and my apologies for the spam! This problem is indeed due to https://gerrit.wikimedia.org/r/c/operations/puppet/+/696013 which I'm going to revert now

gerritbot added a comment.Jun 1 2021, 9:21 AM

Change 697573 had a related patch set uploaded (by Filippo Giunchedi; author: Filippo Giunchedi):

[operations/puppet@production] Revert "swift: group-writable log directory"

https://gerrit.wikimedia.org/r/697573

gerritbot added a project: Patch-For-Review.Jun 1 2021, 9:21 AM
gerritbot added a comment.Jun 1 2021, 9:27 AM

Change 697573 merged by Filippo Giunchedi:

[operations/puppet@production] Revert "swift: group-writable log directory"

https://gerrit.wikimedia.org/r/697573

fgiunchedi closed this task as Resolved.Jun 1 2021, 9:36 AM
fgiunchedi claimed this task.

We're back! Resolving

Maintenance_bot removed a project: Patch-For-Review.Jun 1 2021, 10:10 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL