Auteur: Christian Marillat Date: À: dmo-discussion Sujet: Re: Update to mythtv-dmo 0.26.0-dmo2
Stephan Seitz <stse+debian@???> writes:
> On Wed, Oct 24, 2012 at 01:23:05PM +0200, Christian Marillat wrote:
>>> - /etc/logrotate.d/mythlogserver contains the line „su mythtv mythtv”,
>>> but I don’t find any hints in /etc/rsyslog.d/mythtv.conf that the
>>> logfiles should have this permission. We are running with syslog now,
>>> aren’t we?
>>Yes. Fixed.
>
> I’m afraid, it isn’t. 0.26.0-dmo3 still contains the line „su mythtv
> mythtv” in /etc/logrotate.d/mythlogserver. But as long as
> /var/log/mythtv has the permissions „mythtv:mythtv” with 2775,
> logrotate refuses to work:
>
> error: skipping „/var/log/mythtv/mythavtest.log” because parent
> directory has insecure permissions (It’s world writable or writable by
> group which is not „root”) Set „su” directive in config file to tell
> logrotate which user/group should be used for rotation.
Exactly why we have a su rules in the logrotate configuration file.
> So maybe we should change to „root:mythtv” with 755?
I don't see this problem here.
The best is to not have log file set to root:admin, because otherwise
the current mythtv user is unable to read these file if he isn't in the
adm group.