Trying to use logrotate and I get the following error when I run the log rotate script for a particular definition in logrotate.d
error: error creating state file /var/lib/logrotate/status: Permission denied
/var/lib/logrotate$ ls -lah
total 12K
drwxr-xr-x 2 root root 4.0K 2012-05-11 06:25 .
drwxr-xr-x 43 root root 4.0K 2012-05-18 08:07 ..
-rw-r--r-- 1 root root 911 2012-05-25 06:25 status
I haven't touched that path, so I wonder why it would create an error by default...
DO NOT chmod
the default status file to 666. If you chmod
it, every user on the system is able to use logrotate
as attack vector.
Just define a (private) state file for your user (Assuming that you are trying to run it as regular user) with option [-s|--state file]
.
Are you sure you run this command as root...? ;) If so please check if there is an AppArmour on the system - if yes check it's configuration or uninstall it (Ubuntu case).
There was this line in a crontab:
* * * * * root logrotate -s /var/run/logrotate.status /etc/logrotate.conf
Even though it was running as root, I couldn't get rid of the "error: error creating state file /var/run/logrotate/status: Permission denied" error.
So I just used a different directory:
* * * * * root /usr/sbin/logrotate -s /var/log/logrotate.status -v /etc/logrotate.conf >/tmp/logrotate.out 2>&1
Used the debugging idea from https://serverfault.com/questions/762587/daily-logrotate-error-creating-unique-temp-file-permission-denied but changed it so the output file doesn't grow indefinitely, which would be ironic.
The verbose mode didn't provide any additional information in this case, by the way, just which config file it was reading and the same error message. But it was better having the output on that file rather than in /var/mailspool.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With