本文介绍了logrotate cron作业不旋转某些日志的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在"logrotate.d"目录中添加了两个脚本,以便轮换我的应用程序日志.这是其中之一的配置:

I added two scripts in "logrotate.d" directory for my application logs to be rotated.This is the config for one of them:

<myLogFilePath> {
  compress
  copytruncate
  delaycompress
  dateext
  missingok
  notifempty
  daily
  rotate 30
}

"cron.daily"目录中有一个"logrotate"脚本(根据cron日志似乎每天在运行):

There is a "logrotate" script in "cron.daily" directory (which seems to be running daily as per cron logs):

#!/bin/sh

echo "logrotate_test" >>/tmp/logrotate_test
#/usr/sbin/logrotate /etc/logrotate.conf >/dev/null 2>&1
/usr/sbin/logrotate -v /etc/logrotate.conf &>>/root/logrotate_error

EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0

第一个echo语句正在工作.
但我发现仅我的应用程序日志并没有轮换,而其他类似httpd的日志却被轮换**
**而且我也没有在提到的"logrotate_error"文件中看到任何输出
(具有对所有用户的写入权限).

The first echo statement is working.
But I find my application logs alone are not getting rotated, whereas other logs like httpd are getting rotated **
**And I also don't see any output in the mentioned "logrotate_error" file
(has write permission for all users).

但是,系统日志显示:"logrotate:ALERT异常退出,显示为[1]""

However the syslog says: "logrotate: ALERT exited abnormally with [1]"

但是当我在"cron.daily"脚本中手动运行相同的"logrotate"时,一切似乎都正常运行.

But when I run the same "logrotate" in "cron.daily" script manually, everything seems working fine.

为什么在每日Cron日程安排中它不旋转?我在这里做错什么了吗?
如果能得到我急需的帮助,那就太好了.

Why is it not rotating during daily cron schedule? Am I doing something wrong here?
It would be great if I get this much needed help.

更新:看起来是因为selinux造成的-我的用户主目录中的日志文件受到selinux的限制,并且运行logrotate脚本的时间为

UPDATED:It looks like, it's because of selinux - the log files in my user home directory has restrictions imposed by selinux and the when logrotate script is run:

SELinux is preventing /usr/sbin/logrotate from getattr access on the file /home/user/logs/application.log

推荐答案

SELinux限制了对不具有所需SELinux文件上下文类型的目录中的日志文件进行logrotate的访问. "/var/log"目录具有"var_log_t" 文件上下文,并且logrotate能够做到这一点.因此,解决方案是在我的应用程序日志文件及其父目录中设置它:

SELinux was restricting the access to logrotate on log files in directories which does not have the required SELinux file context type. "/var/log" directory has "var_log_t" file context, and logrotate was able to do the needful. So the solution was to set this on my application log files and it's parent directory:

semanage fcontext -a -t var_log_t <directory/logfile>
restorecon -v <directory/logfile>

这篇关于logrotate cron作业不旋转某些日志的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-09 13:00