Question

我已安排cron.hourly作业来旋转catalina.out日志。我在logrotate.d中创建了一个名为tomcat的文件，其中包含以下内容

/opt/apache-tomcat-7.0.55/logs/catalina.out {
    copytruncate
    daily 
    size 500k
    rotate 3
    compress
    missingok
    create 0600 root root
}

我还在/etc/cron.hourly文件夹中创建了一个名为logrotateTomcat的文件，其中包含以下内容：

#!/bin/sh

/usr/sbin/logrotate /etc/logrotate.d/tomcat >/dev/null 2>&1
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0

如果我运行命令/etc/cron.hourly/logrotateTomcat，它会旋转日志文件并压缩它。如果我多次手动运行，它还会保持旋转计数。但它不会自动执行相同的操作我的日志条目如下所示/ var / log / cron表示任务已运行但它不会旋转文件。

ar 15 06:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[16107]: starting logrotateTomcat
Mar 15 06:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[16124]: finished logrotateTomcat
Mar 15 06:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[16107]: starting mcelog.cron
Mar 15 06:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[16139]: finished mcelog.cron
Mar 15 06:10:01 adaptapppsdev CROND[16273]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 06:20:01 adaptapppsdev CROND[16423]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 06:30:01 adaptapppsdev CROND[16567]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 06:40:01 adaptapppsdev CROND[16713]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 06:50:01 adaptapppsdev CROND[16859]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:00:01 adaptapppsdev CROND[17005]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:01:01 adaptapppsdev CROND[17025]: (root) CMD (run-parts /etc/cron.hourly)
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17025]: starting 0anacron
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17034]: finished 0anacron
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17025]: starting logrotateTomcat
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17042]: finished logrotateTomcat
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17025]: starting mcelog.cron
Mar 15 07:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17057]: finished mcelog.cron
Mar 15 07:10:01 adaptapppsdev CROND[17187]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:20:01 adaptapppsdev CROND[17333]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:30:02 adaptapppsdev CROND[17479]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:40:01 adaptapppsdev CROND[17625]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 07:50:01 adaptapppsdev CROND[17772]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 08:00:01 adaptapppsdev CROND[17954]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 08:01:01 adaptapppsdev CROND[17977]: (root) CMD (run-parts /etc/cron.hourly)
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17977]: starting 0anacron
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17986]: finished 0anacron
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17977]: starting logrotateTomcat
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17994]: finished logrotateTomcat
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[17977]: starting mcelog.cron
Mar 15 08:01:01 adaptapppsdev run-parts(/etc/cron.hourly)[18009]: finished mcelog.cron
Mar 15 08:10:01 adaptapppsdev CROND[18168]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 08:14:04 adaptapppsdev crontab[18230]: (root) LIST (root)
Mar 15 08:20:01 adaptapppsdev CROND[18327]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Mar 15 08:30:01 adaptapppsdev CROND[18473]: (root) CMD (/usr/lib64/sa/sa1 1 1)

如果我遗失了某些东西，请帮助我。

Answer 1

SELinux拒绝logrotate检查旋转日志文件的属性，当logrotate必须在/ var / log之外旋转文件（在logrotate.conf中定义）时会发生这种情况。 logrotate确实发送了一个记录器消息logrotate：由于SELinux，ALERT异常退出[1]，但它并没有阻止logrotate成功完成。 Solutuion：

semanage fcontext -a -t var_log_t '/opt/<apachetomcat>/logs(/.*)?'

然后

cat /etc/selinux/targeted/contexts/files/file_contexts.local
# This file is auto-generated by libsemanage
# Do not edit directly.

opt/<apachetomcat>/logs(/.*)?    system_u:object_r:var_log_t:s0

终于

# restorecon -Frvv opt/<apachetomcat>/logs

这将完成您在/ var / log

之外旋转日志所需的一切

cron.hourly无法正常工作

1 个答案: