From 9e3327c05f4cba6ea6d95b627599cbb61154dfd3 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Mon, 7 Oct 2013 12:39:16 -0400 Subject: fix logrotation for newer logrotate: With the old permissions, it wouldn't rotate because of: error: skipping "/var/log/dovecot/dovecot.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation. So we fix the /var/log/dovecot permissions, and change the owner of the log files to dovecot --- manifests/base.pp | 2 +- manifests/logrotate.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/base.pp b/manifests/base.pp index 455e286..6960c8a 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -23,7 +23,7 @@ class dovecot::base { ensure => directory, require => Package['dovecot'], before => Service['dovecot'], - owner => dovecot, group => dovecot, mode => 0660; + owner => dovecot, group => dovecot, mode => 0750; [ '/var/log/dovecot/error.log', '/var/log/dovecot/dovecot.log' ]: diff --git a/manifests/logrotate.pp b/manifests/logrotate.pp index 4862824..c86f0f0 100644 --- a/manifests/logrotate.pp +++ b/manifests/logrotate.pp @@ -7,7 +7,7 @@ class dovecot::logrotate { context => "/files/etc/logrotate.d/dovecot/rule", changes => [ 'set file /var/log/dovecot/*.log', 'set rotate 3', 'set schedule daily', 'set compress compress', 'set sharedscripts sharedscripts', - 'set create/mode 0660', 'set create/owner root', 'set create/group dovecot', + 'set create/mode 0660', 'set create/owner dovecot', 'set create/group dovecot', 'set postrotate "/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true"' ], } } -- cgit v1.2.3