Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

logrotate.service failed due to bad permissions on /var/log/sssd/*.log #1798

Open
Nemric opened this issue Sep 18, 2024 · 2 comments
Open

logrotate.service failed due to bad permissions on /var/log/sssd/*.log #1798

Nemric opened this issue Sep 18, 2024 · 2 comments
Labels
F41 fallout/f41 kind/bug status/pending-upstream-release Fixed upstream. Waiting on an upstream component source code release.

Comments

@Nemric
Copy link

Nemric commented Sep 18, 2024
edited
Loading

Describe the bug

Fedora CoreOS 41.20240916.1.0
Tracker: https://github.com/coreos/fedora-coreos-tracker
Discuss: https://discussion.fedoraproject.org/tag/coreos

Last login: Tue Sep 17 19:17:17 2024 from 192.168.10.58
[systemd]
Failed Units: 1
  logrotate.service

core@Turing:~$ journalctl -eu logrotate.service 
Sep 18 00:38:22 Turing systemd[1]: Starting logrotate.service - Rotate log files...
Sep 18 00:38:22 Turing logrotate[330652]: error: skipping "/var/log/sssd/*.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Sep 18 00:38:22 Turing systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Sep 18 00:38:22 Turing systemd[1]: logrotate.service: Failed with result 'exit-code'.
Sep 18 00:38:22 Turing systemd[1]: Failed to start logrotate.service - Rotate log files.

Reproduction steps

Well, just upgrade and wait or manualy trigger logrotate.service
I run FCOS on this machine since months/years so I don't know when these files get their first permissions that seems to be a problem now

Expected behavior

No failed units

Actual behavior

Having a failed unit after logrotate

System details

Baremetal PXE booted FCOS with /var mounted on HDD for data persistance

Butane or Ignition config

not relevant

Additional information

/var/log/sssd is empty and is owned by sssd:sssd

root@Turing:~# ls -lah /var/log/sssd/
total 4.0K
drwxrwx---.  2 sssd sssd    6 Apr 21  2023 .
drwxr-xr-x. 12 root root 4.0K Sep  1 00:00 ..
@tazihad
Copy link

tazihad commented Sep 18, 2024

Similar issue for rebasing Fedora kinoite 40 to kinoite 41
https://discussion.fedoraproject.org/t/rebase-to-fedora-41-kinoite-gives-error/

@travier
Copy link
Member

travier commented Sep 18, 2024

Likely https://bugzilla.redhat.com/show_bug.cgi?id=2308428

@travier travier added F41 status/pending-upstream-release Fixed upstream. Waiting on an upstream component source code release. labels Sep 18, 2024
@dustymabe dustymabe changed the title [f41] logrotate.service failed due to bad permissions on /var/log/sssd/*.log logrotate.service failed due to bad permissions on /var/log/sssd/*.log Sep 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
F41 fallout/f41 kind/bug status/pending-upstream-release Fixed upstream. Waiting on an upstream component source code release.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dustymabe @tazihad @Nemric @travier