我的logrotate容器给我以下错误:
error: Ignoring activity_logs because it is writable by group or others.
error: Ignoring httpd because it is writable by group or others.
error: Ignoring reminder_cron because it is writable by group or others.
activity_logs和reminder_cron在/opt/logs目录中,而httpd在/var/log/httpd内部
以下是在logrotate容器中装入文件夹时的文件夹权限:
drwxr-xr-x 2 root root 64 Aug 27 04:08 logs
drwxrwxr-x 2 root root 64 Sep 1 20:45 httpd
Logrotate与root用户一起运行
我正在尝试为所有docker容器设置集中式logrotate。 以下是我的docker-compose.yml文件:
version: '3'
services:
server:
image: private-apache:latest
command: /usr/sbin/apachectl -DFOREGROUND
ports:
- "XXXX:XXXX"
volumes:
- ./html:/var/www/html
- ./opt:/opt
- ./logs/httpd:/var/log/httpd
- ./data/tmp:/tmp
links:
- mysql
- redis
- beanstalkd
- rsyslog
restart: always
logrotate:
image: private-logrotate:latest
command: /usr/sbin/crond -f
volumes:
- ./logs/rsyslog/var/log:/var/log
- ./opt/logs:/opt/logs
- ./logs/httpd:/var/log/httpd
restart: always
rsyslog:
image: private-rsyslog:latest
ports:
- "XXX:XXX"
volumes:
- ./logs/rsyslog/var/log:/var/log
restart: always
depends_on:
- logrotate
mysql:
image: private-mysql:latest
privileged: false
ports:
- "XXXX:XXXX"
volumes:
- ./data/mysql:/var/lib/mysql
- ./data/tmp:/tmp
environment:
- MYSQL_ROOT_PASSWORD=password
- MYSQL_DATABASE=databasename
restart: always
redis:
image: private-redis:latest
ports:
- "XXXX:XXXX"
volumes:
- ./data/redis:/var/lib/redis
restart: always
beanstalkd:
image: private-beanstalkd:latest
restart: always
ports:
- "XXXX:XXXX"
server容器和rsyslog容器使用不同的用户生成日志。 logrotate容器不了解这些用户,因此无法将su放在/etc/logrotate.d/httpd,/etc/logrotate.d/activity_log和/etc/logrotate.d/reminder_cron中。
我想知道是否可以强制logrotate忽略这些错误并从已装入的卷中旋转日志。
还是有更好的方法做到这一点。
这个想法是让所有容器都具有中央对数旋转