If you are seeing the log sizes expand in size and log rotation failing then you should first check systemctl/journalctl to see if it is reporting permission denied:
[root@localhost ~]# journalctl | grep rotate
Dec 28 00:00:01 panel.domain logrotate[2570]: error: error opening /usr/local/mediacp/log/nginx/access.log: Permission denied
Dec 28 00:00:01 panel.domain logrotate[2570]: error: error opening /usr/local/mediacp/log/nginx/internal.log: Permission denied
Dec 28 00:00:01 panel.domain logrotate[2570]: error: error opening /usr/local/mediacp/log/nginx/proxy_access.log: Permission denied
Dec 28 00:00:01 panel.domain systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Dec 28 00:00:01 panel.domain systemd[1]: logrotate.service: Failed with result 'exit-code'.
Dec 29 00:00:01 panel.domain logrotate[113488]: error: error opening /usr/local/mediacp/log/nginx/access.log: Permission denied
Dec 29 00:00:01 panel.domain logrotate[113488]: error: error opening /usr/local/mediacp/log/nginx/internal.log: Permission denied
Dec 29 00:00:01 panel.domain logrotate[113488]: error: error opening /usr/local/mediacp/log/nginx/proxy_access.log: Permission denied
Dec 29 00:00:01 panel.domain systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Dec 29 00:00:01 panel.domain systemd[1]: logrotate.service: Failed with result 'exit-code'.
We have seen this on SELinux when it is in Enforcing mode as opposed to Permissive. You can see this by running getenforce; If you are on Enforcing mode then moving to permissive will resolve this or you can stick with Enforcing and apply the following change to permit SELinux access to the path:
semanage fcontext -a -t var_log_t '/usr/local/mediacp/log(/.*)?'
restorecon -Rv /usr/local/mediacp/log
- logs, rotation, storage
- 0 Users Found This Useful
