logrotate(3.8.6)在使用替换用户运行postscripts命令时给出了PAM Auth拒绝。
当我以root身份从shell强制logrotate时,相同的配置工作正常,但当cron执行logrotate时失败并出现以下错误
logrotate config
/var/log/rabbitmq/*.log {
su rabbitmq rabbitmq
daily
dateext
dateyesterday
missingok
rotate 7
compress
delaycompress
notifempty
sharedscripts
postrotate
su rabbitmq -s /bin/sh "echo"-c
endscript
}
内容
May 3 22:57:01 ip-10-6-78-5 su: pam_unix(su:auth): auth could not identify password for [rabbitmq]
May 3 22:57:01 ip-10-6-78-5 su: pam_unix(su:auth): auth could not identify password for [rabbitmq]
May 3 22:57:01 ip-10-6-78-5 su: pam_succeed_if(su:auth): requirement "uid >= 1000" not met by user "rabbitmq"
May 3 22:57:01 ip-10-6-78-5 su: pam_succeed_if(su:auth): requirement "uid >= 1000" not met by user "rabbitmq"
May 3 22:57:01 ip-10-6-78-5 su: FAILED SU (to rabbitmq) root on none
May 3
答案 0 :(得分:0)
您是否可以尝试在sudo之前添加su并将-c参数用于su命令,所以您的命令应类似于:
sudo su rabbitmq -c '/bin/sh "echo"-c'