logrotateがエラーになっていた

Anacronから毎日メールが来ていて、updateしたよとか書いてあるが、なんかエラーのメールも来ている。

From:     Anacron <xxx@xxx.xxx>
To:       root@xxx.xxx.xxx
Subject:  Anacron job 'cron.daily' on mon-server2

/etc/cron.daily/logrotate:

error: skipping "/var/log/cloudstack/management/catalina.out" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

From: Anacron <xxx@xxx.xxx>

To: root@xxx.xxx.xxx

Subject: Anacron job 'cron.daily' on mon-server2

/etc/cron.daily/logrotate:

error: skipping "/var/log/cloudstack/management/catalina.out" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

logrotateで確認すると、

[root@mon-server2 logrotate.d]# logrotate -dv cloudstack-catalina
reading config file cloudstack-catalina
Allocating hash table for state file, size 15360 B

Handling 1 logs

rotating pattern: /var/log/cloudstack/management/catalina.out  after 1 days (14 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/cloudstack/management/catalina.out
error: skipping "/var/log/cloudstack/management/catalina.out" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

[root@mon-server2 logrotate.d]# logrotate -dv cloudstack-catalina

reading config file cloudstack-catalina

Allocating hash table for state file, size 15360 B

Handling 1 logs

rotating pattern: /var/log/cloudstack/management/catalina.out after 1 days (14 rotations)

empty log files are rotated, old logs are removed

considering log /var/log/cloudstack/management/catalina.out

catalina.outのパーミッションが良くないのでsuディレクティブをセットしろ。ってことらしいので。

パーミッション見ると、オーナーはcloud:cloudなので、

設定ファイルを編集して、su cloud cloudの行を追加。

/var/log/cloudstack/management/catalina.out {
    copytruncate
    daily
    rotate 14
    compress
    missingok
    create 0644 cloud cloud
    su cloud cloud
}

/var/log/cloudstack/management/catalina.out {

copytruncate

daily

rotate 14

compress

missingok

create 0644 cloud cloud

su cloud cloud

}

logrotateで確認

[root@mon-server2 logrotate.d]# logrotate -dv cloudstack-catalina
reading config file cloudstack-catalina
Allocating hash table for state file, size 15360 B

Handling 1 logs

rotating pattern: /var/log/cloudstack/management/catalina.out  after 1 days (14 rotations)
empty log files are rotated, old logs are removed
switching euid to 993 and egid to 991
considering log /var/log/cloudstack/management/catalina.out
  log does not need rotating (log has been already rotated)switching euid to 0 and egid to 0