Community Packages

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#49539 - [gitlab] logrotate fails due to /var/log/gitlab

Attached to Project: Community Packages
Opened by Melvin Vermeeren (melvinvermeeren) - Thursday, 02 June 2016, 09:12 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Monday, 13 June 2016, 11:25 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Sven-Hendrik Haase (Svenstaro)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
logrotate fails due to /var/log/gitlab being root:gitlab.
Updating the logrotate config file for gitlab should fix this issue.

Additional info:
* gitlab-shell 2.7.2-13

$ systemctl --failed
$ journalctl -r -u logrotate
Jun 02 00:00:02 mel.vin systemd[1]: logrotate.service: Failed with result 'exit-code'.
Jun 02 00:00:02 mel.vin systemd[1]: logrotate.service: Unit entered failed state.
Jun 02 00:00:02 mel.vin systemd[1]: Failed to start Rotate log files.
Jun 02 00:00:02 mel.vin systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/unicorn.stdout.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/unicorn.stderr.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/sidekiq.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/repocheck.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/production.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/gitlab-shell.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/githost.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin logrotate[20145]: error: skipping "/var/log/gitlab/application.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
Jun 02 00:00:02 mel.vin systemd[1]: Starting Rotate log files...
This task depends upon

Closed by  Sven-Hendrik Haase (Svenstaro)
Monday, 13 June 2016, 11:25 GMT
Reason for closing:  Fixed
Comment by Sven-Hendrik Haase (Svenstaro) - Thursday, 02 June 2016, 11:05 GMT
Is your suggested fix to chown gitlab:gitlab the whole /var/log/gitlab dir?
Comment by Melvin Vermeeren (melvinvermeeren) - Thursday, 02 June 2016, 13:15 GMT
I'm not sure what official guidelines are, but that is the way both icecast and teamspeak3-server are configured over here and those seem to work fine.

It is probably the best fix in this case.
Comment by Sven-Hendrik Haase (Svenstaro) - Saturday, 04 June 2016, 07:11 GMT
This is fixed in gitlab-shell but users will need to set fix this manually once because pacman won't change permissions on already installed dirs.
Comment by Melvin Vermeeren (melvinvermeeren) - Monday, 06 June 2016, 16:25 GMT
  • Field changed: Percent Complete (100% → 0%)
Current fix doesn't resolve the issue.

Adding "su gitlab gitlab" to /etc/logrotate.d/gitlab does fix it.
Comment by Sven-Hendrik Haase (Svenstaro) - Monday, 13 June 2016, 11:24 GMT
Ok I see the problem. I now made the directory owned by gitlab:root /var/log/gitlab

This fixed it for me after changing this so closing this.

Loading...