Logrotate Cron job

plainsadmin
Posts: 1
Joined: 2019/05/09 14:44:00

Logrotate Cron job

Post by plainsadmin » 2019/05/09 15:36:50

I have been attempting to get a logrotate script to work on this CentOS cloud instance, for an embarrassingly long amount of time.

Here is my logrotate script that I have located at: /etc/logrotate.d/natpass

cat /etc/logrotate.d/natpass
/usr/local/natpass/logs/natpass.log {
su root root
size 512K
create 700 root root
copytruncate
rotate 10
}

When I run the command:
logrotate /etc/logrotate.d/natpass

The logs do rotate as they should, however when I set up this Cron job:

cat /etc/cron.d/natpass
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

* * * * * root /usr/sbin/logrotate /etc/logrotate.d/natpass

The logs do not rotate.

You can see in /var/log/cron that the logrotate command is running, but there is no rotation occurring on the /usr/local/natpass/logs/natpass.log

May 9 15:20:01 NAT-PASS CROND[116973]: (root) CMD (/usr/lib64/sa/sa1 1 1)
May 9 15:21:01 NAT-PASS CROND[119606]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:22:01 NAT-PASS CROND[122190]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:23:01 NAT-PASS CROND[124793]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:24:02 NAT-PASS CROND[127438]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:25:01 NAT-PASS CROND[130005]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:26:01 NAT-PASS CROND[2334]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:27:01 NAT-PASS CROND[4988]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:28:01 NAT-PASS CROND[7652]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:29:01 NAT-PASS CROND[10267]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:30:01 NAT-PASS CROND[12909]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:30:01 NAT-PASS CROND[12908]: (root) CMD (/usr/lib64/sa/sa1 1 1)
May 9 15:31:01 NAT-PASS CROND[15535]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:32:01 NAT-PASS CROND[18119]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)
May 9 15:32:36 NAT-PASS crontab[19644]: (root) REPLACE (root)
May 9 15:33:01 NAT-PASS crond[123923]: (root) RELOAD (/var/spool/cron/root)
May 9 15:33:01 NAT-PASS CROND[20748]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.d/natpass)

Does anyone have any suggestions or see anything that I am doing wrong?

Thanks in advance.

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Logrotate Cron job

Post by TrevorH » 2019/05/09 17:07:36

I suspect that logrotate is not allowed to access files under /usr/local/natpass/logs/ as they probably have the wrong SELinux context on them. Perhaps you need to use semanage fcontext (see man semanage-fcontext) to set up what are known as equivalence rules to assign the correct context to them based on the setup of /var/log itself (or just move your log files under there in the first place and be done!).

That's only a theory but if you run aureport -a then you should see some AVCs in the audit log around the timestamp of the last logrotate run. Use ausearch using those aureport lines to show the full error.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
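
The check suggested in the post above, as an added example that is not part of the original thread: a small filter that pulls AVC denials for one command out of audit-log lines and reports which target label was refused. The audit lines are constructed for illustration, and the usr_t label on the natpass files is an assumption, not something the thread confirms.

```shell
#!/bin/sh
# Constructed sample in /var/log/audit/audit.log format (not from the thread).
# Assumption: the files under /usr/local/natpass/logs carry the usr_t label.
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1557415261.204:9001): avc:  denied  { read } for  pid=119606 comm="logrotate" name="natpass.log" dev="xvda1" ino=394211 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1557415261.204:9001): arch=c000003e syscall=2 success=no exit=-13 comm="logrotate" exe="/usr/sbin/logrotate"
type=AVC msg=audit(1557415290.010:9002): avc:  denied  { getattr } for  pid=2201 comm="httpd" path="/srv/www/index.html" dev="xvda1" ino=5512 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1557415321.377:9003): avc:  denied  { write } for  pid=122190 comm="logrotate" name="logs" dev="xvda1" ino=394200 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=dir permissive=0
EOF
}

# Read audit lines on stdin; print one line per AVC denial for command $1:
#   epoch-seconds  permission(s)  target-type  object-class  object-name
avc_denials_for() {
    awk -v want="comm=\"$1\"" '
        $1 == "type=AVC" && /denied/ {
            hit = 0; perm = ""; ttype = ""; cls = ""; obj = ""; ts = ""
            for (i = 1; i <= NF; i++) {
                if ($i == want) hit = 1
                # Permissions sit between "{" and "}", there may be several.
                if ($i == "{")
                    for (j = i + 1; j <= NF && $j != "}"; j++)
                        perm = perm (perm ? "," : "") $j
                if ($i ~ /^msg=audit\(/) {
                    ts = $i; sub(/^msg=audit\(/, "", ts); sub(/\..*/, "", ts)
                }
                # tcontext is user:role:type:level, the type is field 3.
                if ($i ~ /^tcontext=/) { split($i, c, ":"); ttype = c[3] }
                if ($i ~ /^tclass=/) cls = substr($i, 8)
                if ($i ~ /^(name|path)=/) {
                    obj = $i; sub(/^[a-z]+=/, "", obj); gsub(/"/, "", obj)
                }
            }
            if (hit) print ts, perm, ttype, cls, obj
        }'
}

# Distinct target labels the command was denied on. These are the labels an
# fcontext rule, or moving the logs under /var/log, would have to replace.
denied_target_types() {
    avc_denials_for "$1" | awk '{ print $3 }' | sort -u
}

sample_audit_log | avc_denials_for logrotate
```

On a real host, feed it the audit log instead of the sample, for example `avc_denials_for logrotate < /var/log/audit/audit.log` as root, and compare the timestamps with the CROND entries in /var/log/cron.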

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: Logrotate Cron job

Post by aks » 2019/05/09 17:18:55

Apart from what Trevor said, doesn't logrotate require a state file (-s)?

quqonlik
Posts: 16
Joined: 2019/01/19 23:29:32

Re: Logrotate Cron job

Post by quqonlik » 2019/06/17 17:35:41

Try:

* * * * * /usr/sbin/logrotate -f /etc/logrotate.d/natpass

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: Logrotate Cron job

Post by aks » 2019/06/18 18:41:59

I was thinking more along the lines of a state file as in:
/sbin/logrotate -s /var/spool/logrotate.status /etc/logrotate.conf
