logrotate icon indicating copy to clipboard operation
logrotate copied to clipboard

Published 20 hours ago verified publisher icon blacklabelops

Unknown groups/users don't appear to be rotated

Open josh1703658784 opened this issue 6 years ago • 6 comments

I have many log files present in /var/log/company_name to be rotated on an hourly basis into /var/log/company_name/rotated, keeping the past 24-hours. All logs seem to be rotating except a select few, which grow to gigabytes in size.

Upon inspecting the logrotate logs with docker logs logrotate, it appears that all the logfiles that aren't rotating have the following message printed when processing:

Found new file /var/log/company_name/mysql_error.log, Processing...
File has unknown user or group: , user: UNKNOWN, group: video

However, logfiles that are properly rotated have the following message printed:

Found new file /var/log/company_name/wkhtmltopdf.gunicorn.log, Processing...
Inserting new /var/log/company_name/wkhtmltopdf.gunicorn.log to /usr/bin/logrotate.d/logrotate.conf

Other notes: User: root Logrotate version: 1.2 Logrotate hash: sha256:e0d5e50a8716d7859079df4849f9034c56d0cb38ed46ad118b87e41f8a9437d6 Capabilities: dac_override, setgid, setuid Network: none Environment:

LOGROTATE_INTERVAL=hourly
LOGS_DIRECTORIES=/var/log/company_name
LOGROTATE_OLDDIR=/var/log/company_name/rotated
LOGROTATE_LOGFILE=/var/log/company_name/logrotate.log
LOGROTATE_COPIES=24
LOGROTATE_COMPRESSION=compress
LOGROTATE_STATUSFILE=/company_name/logrotate_status/logrotate.status
LOGROTATE_PARAMETERS=vf

I also tried enabling all capabilities and the network without any luck.

The error message appear accurate when running an ls -lahS on the log directory. But I don't understand why logrotate won't touch those files or how to force it to work with those files.

josh1703658784 avatar Jul 18 '18 15:07 josh1703658784

Logrotate need to know under which permission he has to create the rotated files.

Files with unknown user or group are currently ignored.

blacklabelops avatar Jul 18 '18 17:07 blacklabelops

Default behavior is now set to not ignore any files with unknown user or group but rotate it with the default user.

This should not be any problem because container's default user is root.

Would be a problem, when the container is not run as root.

blacklabelops avatar Jul 18 '18 18:07 blacklabelops

That's awesome!

Off the top of your head, would logrotate accept uid/gid in the generated config file? I might give that a try.

josh1703658784 avatar Jul 18 '18 19:07 josh1703658784

No

blacklabelops avatar Jul 19 '18 05:07 blacklabelops

I ended up writing a script that generates users dynamically when required. Is this something you would be interested in adding to the project?

josh1703658784 avatar Jul 19 '18 22:07 josh1703658784

Yes

blacklabelops avatar Jul 20 '18 04:07 blacklabelops