logrotate rotates but doesn't compress log messages (as a cron job)
Issue
When logrotate runs as a cron job, it only rotates log files of foo.service but doesn't compress them.
In /var/log/messages or in journal was detected following error message when logrotate cron job was executed:
logrotate: ALERT exited abnormally with [1]
and the following selinux denials were found in /var/log/audit/audit.log:
type=USER_AVC msg=audit(1539689401.569:2897): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status } for auid=0 uid=0 gid=0 path="/etc/rc.d/init.d/foo" cmdline="systemctl show foo.service" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
type=USER_AVC msg=audit(1539689401.673:2898): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { start } for auid=0 uid=0 gid=0 path="/etc/rc.d/init.d/foo cmdline="/bin/systemctl restart awslogs.service" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
Logrotate configuration file for foo.service is the following:
$ cat /etc/logrotate.d/foo
/var/log/foo.log {
missingok
notifempty
size 100K
create 0600 root root
compress
rotate 4
postrotate
/etc/init.d/foo restart > /dev/null
endscript
}
At the same time, when logrotate is executed manually, it rotates and compress logs successfully:
# logrotate -fv /etc/logrotate.conf
Environment
Red Hat Enterprise Linux 7
- selinux enforcing
- logrotate
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
