logrotate says permission denied when rotating log / re-creating log file

Question

I'm new to logrotate on linux machines... here's what I have set up in my app's logrotate.d file:

/var/log/myapp.log {
daily
missingok
create 0660 root utmp
rotate 1
}

I set owner permissions on the myapp.log file for the account that runs the app in question, using chmod, directly from the bash shell.

when the app first runs, everything is fine. It logs just fine and it's all good. But when the log gets rotated, it deletes the log file and then tries to recreate the log file and it gives a permission denied error:

/bin/bash: /var/log/myapp.log: Permission denied

I know I'm doing something wrong with either the logrotate config file or chmod or something... can someone point me in the right direction and help me fix the problem?

Answer 1

I set owner permissions on the myapp.log file for the account that runs the app in question, using chmod, directly from the bash shell.

...so unless "the account that runs the app in question" is root, the config option

create 0660 root utmp

is wrong, because that is asking logrotate to create a new myapp.log (after it has rotated the original myapp.log to myapp.log.0) with permissions 0660 owned by user root and group utmp. Replacing these with the attributes required by your app should solve the problem.