error: error creating state file /var/lib/logrotate/status: Permission denied

ubuntu logrotate
Victor S picture Victor S · May 25, 2012 · Viewed 14.3k times · Source

Trying to use logrotate and I get the following error when I run the log rotate script for a particular definition in logrotate.d

error: error creating state file /var/lib/logrotate/status: Permission denied

/var/lib/logrotate$ ls -lah
total 12K
drwxr-xr-x  2 root root 4.0K 2012-05-11 06:25 .
drwxr-xr-x 43 root root 4.0K 2012-05-18 08:07 ..
-rw-r--r--  1 root root  911 2012-05-25 06:25 status

I haven't touched that path, so I wonder why it would create an error by default...

Answer

Rayne picture Rayne · Oct 20, 2012

DO NOT chmod the default status file to 666. If you chmod it, every user on the system is able to use logrotate as attack vector.

Just define a (private) state file for your user (Assuming that you are trying to run it as regular user) with option [-s|--state file].

Related questions

Apache and logrotate configuration

last week I found a problem on my server, because the disk usage was 100% and i found out apache had created a huge error.log file of 60GB. I changed then the LogLevel to emerg, but after one week it's …

Read More
How to configure Logrotate with dateext and extension

I tried to configure logrotate to keep the date and the extension of the log being rotated: With the current configuration, the file: /var/www/redmine/log/production.log Is logrotated in : /var/www/redmine/log/production.-20160710log I …

Read More
logrorate: error: lines must begin with a keyword or a filename (possibly in double quotes)

I have the following logrorate config for my iptables: /var/log/iptables.log { daily missingok rotate 3 compress notifempty delaycompress postrotate /usr/sbin/service rsynclog restart > /dev/null endscript } When I try to issue checking for file syntax I the …

Read More