PDA

View Full Version : logrotate errors?



copland007
19th September 2004, 09:56 AM
For some reason I am getting this emailed to me:

/etc/cron.daily/logrotate:

error: error running postrotate script
error: error running postrotate script
error: error running postrotate script
error: error running shared postrotate script for /usr/local/apache/logs/*log
error: error running shared postrotate script for /var/log/mailman/bounce /var/log/mailman/digest /var/log/mailman/error /var/log/mailman/post /var/log/mailman/smtp /var/log/mailman/smtp-failure /var/log/mailman/qrunner /var/log/mailman/locks /var/log/mailman/fromusenet /var/log/mailman/subscribe /var/log/mailman/vette
error: error running shared postrotate script for /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron

I am at a loss for debugging, I really don't know what the problem could be. I haven't changed anything recently. And I notice that for the logs mentioned the system continues to write to the rotated logs, for example /var/log/messages.1 instead of /var/log/messages. Which leads to me to believe it had issues reloading services perhaps.

Running logrotate /etc/logrotate.conf -f produces the same output. I checked the .pid files and they have the correct pids for the services. I try running the postrotate commands myself on the command line and don't get any errors. I had to reboot the box to get the services to log into the correct logs (i.e. /var/log/messages instead of /var/log/messages.1)

Any thoughts?

copland007
19th September 2004, 10:12 AM
A sniplet of strace shows
open("/var/log/apf_log", O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 3
fchmod(3, 0600) = 0
fchown32(3, 0, 0) = 0
fchmod(3, 0600) = 0
close(3) = 0
open("/tmp/logrotate.tlcRpe", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 3
fchmod(3, 0700) = 0
write(3, "#!/bin/sh\n\n", 11) = 11
write(3, "\n", 1) = 1
close(3) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGC HLD, child_tidptr=0xf7077ba8) = 11929
--- SIGCHLD (Child exited) @ 0 (0) ---
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 11929
unlink("/tmp/logrotate.tlcRpe") = 0
write(2, "error: ", 7) = 7
write(2, "error running postrotate script\n", 32) = 32
Does this mean it is trying to execute something on /tmp?
I have /tmp mounted with noexec.

If this is the case how do I stop logrotate from executing on /tmp??

tashirosgt
19th September 2004, 04:46 PM
Could it be that logrotate nees to writie a script file in /tmp and then tries to run that script? If it tried to write itself a big script ( /tmp/logrotate.tlcRpe is made executable by fchmod) to do a group of rotations in /tmp then this this would fail, but the scripts for the individual rotations might run from the command line. You'd get an error when you tried to execute a child process to run the big script, even if the big script contained only comments.

Did you try running logrotate with the -d, the debug option?

tashirosgt
19th September 2004, 05:10 PM
I downloaded the source code for logrotate from:
http://packages.debian.org/unstable/admin/logrotate
(get the *.orig.tar.gz file for it.) In logrotate.c the environmental variable TMPDIR is used. So to run logrotate with a different TMPDIR, I suppose you could try something like
env TMPDIR=mytmpdir logrotate
I haven't tried this myself.

copland007
19th September 2004, 06:52 PM
Thanx for digging, I'll give that a shot.

bmorgenthaler
1st October 2004, 03:17 PM
Thanks, these were the same errors I was seeing. Removing noexec from the /tmp partition worked.

However I would like to change this but this is a binary only system, no source and no other box to compile source on. Is there a change in the conf file that would let me specific another directory?

tashirosgt
1st October 2004, 04:44 PM
The man on logrotate says you can put shell commands between the "prerotate" and "endscript" sections of the configuration file. So you could try putting something like
prerotate
TMPDIR=mytempdir
endscript
in the configuration files in /etc/logrotate.d I haven't tried this myself and where TMPDIR gets set is a mystery. I don't see any TMPDIR in my environment when I am a user or when I am root. If I didn't set it to something, would I have to set it back to what it was after I finished? I'll start a thread to ask.