1

I'm hosting multiple apache virtual hosts, with similar structure:

- /var/www/
  - domain
     - documentroot
     - logs

I've thus modified rule in logrotate.d/apache2 to start with

/var/log/apache2/*.log /var/www/*/logs/*.log {  ... rule details ... }

Now the problem, logrotate doesn't allow me to rotate the folders, because they are owned by user and group according to virtual hosting (group has usually multiple users, one user equals one virtual host)

Error message is

error: skipping "/var/www/default/logs/access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

How can I configure logrotate to use user and group from parent folder?
VirtualHosts are ran under MPM-ITK module to separate permissions for underlying apache/php-cgi processes.

Is it possible to avoid creating configuration rule for each virtualhost separately?

Marek Sebera
  • 271
  • 3
  • 16

1 Answers1

1

I would go a different approach. You have manyusers. Each has their own hosting. Each has their very own vhost config file. So, just like yould specify their phpadmin values, etc. there you could have aline to write the accesslog already.

Modify it to do the rotating as well.

Something like this:

CustomLog "|/usr/sbin/rotatelogs /var/www/client55/web2/logs/access2 86400" combined

steffen
  • 26
  • 1