Я установил несколько расширенных записей ACL для /var/log/squid3/ и /var/log/squid3/access.log.
sudo setfacl -m u:jetty:r-x,g:adm:r-x /var/log/squid3
sudo setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log
Поскольку журнал находится в ежедневном ротации, я теряю учетные записи каждый день.
Я редактирую sudo nano /etc/logrotate.d/squid3 но это не работает.
running postrotate script
setfacl: /var/log/squid3/access.log: No such file or directory
error: error running shared postrotate script for '/var/log/squid3/*.log '
Мой фрагмент logrotate в squid3:
/var/log/squid3/*.log {
daily
compress
delaycompress
rotate 2
missingok
nocreate
sharedscripts
prerotate
test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports
endscript
postrotate
test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate
/usr/bin/setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log
endscript
}
Сухой прогон sudo logrotate -vdf /etc/logrotate.d/squid3 дает:
reading config file /etc/logrotate.d/squid3
Handling 1 logs
rotating pattern: /var/log/squid3/*.log forced from command line (2 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/squid3/access.log
log needs rotating
considering log /var/log/squid3/cache.log
log needs rotating
rotating log /var/log/squid3/access.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/access.log.2.gz to /var/log/squid3/access.log.3.gz (rotatecount 2, logstart 1, i 2),
renaming /var/log/squid3/access.log.1.gz to /var/log/squid3/access.log.2.gz (rotatecount 2, logstart 1, i 1),
renaming /var/log/squid3/access.log.0.gz to /var/log/squid3/access.log.1.gz (rotatecount 2, logstart 1, i 0),
rotating log /var/log/squid3/cache.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/cache.log.2.gz to /var/log/squid3/cache.log.3.gz (rotatecount 2, logstart 1, i 2),
renaming /var/log/squid3/cache.log.1.gz to /var/log/squid3/cache.log.2.gz (rotatecount 2, logstart 1, i 1),
renaming /var/log/squid3/cache.log.0.gz to /var/log/squid3/cache.log.1.gz (rotatecount 2, logstart 1, i 0),
running prerotate script
running script (multiple) with arg /var/log/squid3/*.log : "
test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports
"
renaming /var/log/squid3/access.log to /var/log/squid3/access.log.1
renaming /var/log/squid3/cache.log to /var/log/squid3/cache.log.1
running postrotate script
running script (multiple) with arg /var/log/squid3/*.log : "
test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate
/usr/bin/setfacl -m u:jetty:r--,g:adm:r-- /var/log/squid3/access.log
"
removing old log /var/log/squid3/access.log.3.gz
removing old log /var/log/squid3/cache.log.3.gz
Принудительный запуск выдает ошибку:
sudo logrotate -vf /etc/logrotate.d/squid3
reading config file /etc/logrotate.d/squid3
Handling 1 logs
rotating pattern: /var/log/squid3/*.log forced from command line (2 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/squid3/access.log
log needs rotating
considering log /var/log/squid3/cache.log
log needs rotating
rotating log /var/log/squid3/access.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/access.log.2.gz to /var/log/squid3/access.log.3.gz (rotatecount 2, logstart 1, i 2),
renaming /var/log/squid3/access.log.1.gz to /var/log/squid3/access.log.2.gz (rotatecount 2, logstart 1, i 1),
renaming /var/log/squid3/access.log.0.gz to /var/log/squid3/access.log.1.gz (rotatecount 2, logstart 1, i 0),
old log /var/log/squid3/access.log.0.gz does not exist
rotating log /var/log/squid3/cache.log, log->rotateCount is 2
dateext suffix '-20140307'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
compressing log with: /bin/gzip
renaming /var/log/squid3/cache.log.2.gz to /var/log/squid3/cache.log.3.gz (rotatecount 2, logstart 1, i 2),
renaming /var/log/squid3/cache.log.1.gz to /var/log/squid3/cache.log.2.gz (rotatecount 2, logstart 1, i 1),
renaming /var/log/squid3/cache.log.0.gz to /var/log/squid3/cache.log.1.gz (rotatecount 2, logstart 1, i 0),
old log /var/log/squid3/cache.log.0.gz does not exist
running prerotate script
renaming /var/log/squid3/access.log to /var/log/squid3/access.log.1
renaming /var/log/squid3/cache.log to /var/log/squid3/cache.log.1
running postrotate script
setfacl: /var/log/squid3/access.log: No such file or directory
error: error running shared postrotate script for '/var/log/squid3/*.log '
Первое предположение было бы то, что /var/log/squid3/access.log файл еще не был воссоздан, когда setfacl команда выполняется.
Чтобы решить эту проблему, удалите nocreate в конфигурации logrotate или замените его на create <mode> <owner> <group> для воссоздания файла журнала перед выполнением вашей команды postrotate.