Opened 12 years ago
Closed 12 years ago
#179 closed enhancement (worksforme)
logrotate improvements
| Reported by: | unlim.myid.net | Owned by: | sb |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-package | Version: | 1.2.x |
| Keywords: | Cc: | ||
| uname -a: | - | ||
| nginx -V: |
nginx version: nginx/1.2.1
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-51) TLS SNI support disabled configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-cc-opt='-O2 -g -m64 -mtune=generic' |
||
Description
currently logrotate job (/etc/logrotate.d/nginx) creates archives with 644 and root:root permissions.
Better to create them as 640 and nginx:nginx.
At least 640 should be used.
# ls -l /var/log/nginx/
total 205580
drwxr-xr-x 2 root root 4096 Jun 25 04:42 ./
drwxr-xr-x 9 root root 4096 Jun 25 04:42 ../
-rw-r----- 1 nginx nginx 42206375 Jun 25 13:56 access.log
-rw-r----- 1 nginx nginx 80435629 Jun 25 04:42 access.log.1
-rw-r--r-- 1 root root 87237684 Jun 25 04:42 access.log.2.gz
-rw-r----- 1 nginx nginx 1162 Jun 25 13:41 error.log
-rw-r----- 1 nginx nginx 884 Jun 24 14:39 error.log.1
-rw-r--r-- 1 root root 38984 Jun 25 04:42 error.log.2.gz
-rw-r--r-- 1 nginx root 339808 Jun 25 13:54 vhost-error_log
Seems directive "create 0640 nginx nginx" should help.
Thank you!
Change History (4)
comment:1 by , 12 years ago
comment:2 by , 12 years ago
| Component: | nginx-core → nginx-package |
|---|---|
| Version: | 1.3.x → 1.2.x |
comment:3 by , 12 years ago
| Owner: | changed from to |
|---|---|
| sensitive: | → 0 |
| Status: | new → assigned |
comment:4 by , 12 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | assigned → closed |
No feedback in 6 months
logrotate script from nginx-1.2.1-1.el5.ngx has 'create 640 nginx adm' already.
Please check you are using correct logrotate script by
rpm -V nginx