logrotate ignores files with g+w permission
Another logrotate post! If a logrotate definition file has g+w permission, logrotate will ignore it. You can see this by running logrotate with the -v flag.
-rw-------. 1 root root 349 Nov 2 15:02 nginx
If you want the nginx group to still be able to manage their own logrotate definition, use ACLs, which are already enabled by default on XFS and ext4.
# setfacl -m 'group:nginx:rw-' nginx
# getfacl nginx
# file: nginx
# owner: root
# group: root
user::rw-
group::---
group:nginx:rw- #effective:---
mask::---
other::---
# ls -l nginx
-rw-------+ 1 root root 349 Nov 2 15:02 nginx
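To find definitions affected by this before logrotate silently skips them, the following added example (not part of the original post) scans a directory for files with the group-write bit set. The function names `group_writable` and `audit_dir` are hypothetical, and the script assumes a POSIX shell with `find`.

```shell
#!/bin/sh
# Added example: flag logrotate definitions that have the g+w mode bit set,
# the condition this post says makes logrotate ignore the file.

# group_writable FILE -> exit status 0 if FILE is a regular file with g+w.
# On a file with an extended ACL, the group bits of the mode show the ACL
# mask, so a mask that includes "w" is reported here as well.
group_writable() {
    [ -n "$(find "$1" -prune -type f -perm -020 2>/dev/null)" ]
}

# audit_dir DIR -> print one line per regular file in DIR;
# return 1 if at least one file is group-writable, 0 otherwise.
audit_dir() {
    rc=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        if group_writable "$f"; then
            echo "g+w  $f"
            rc=1
        else
            echo "ok   $f"
        fi
    done
    return "$rc"
}

# Run only when a directory is given, e.g.: sh audit.sh /etc/logrotate.d
if [ "$#" -gt 0 ]; then
    audit_dir "$1"
fi
```

A non-zero exit status means at least one definition needs its mode (or ACL mask) checked with `ls -l` and `getfacl`.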