Hi all,
After our system’s most recent yum update, we keep receiving a daily cron error email detailing a permission issue with the log rotation folder owners. the folders /var/log/asterisk/ are currently set to permission 755 & asterisk/asterisk.
The following error message is received daily:
/etc/cron.daily/logrotate:
error: freepbx-api:1 duplicate log entry for /var/log/asterisk/gql_api_error.log
error: found error in file freepbx-api, skipping
error: freepbx-core:12 duplicate log entry for /var/log/asterisk/freepbx.log
error: freepbx-core:12 duplicate log entry for /var/log/asterisk/freepbx_security.log
error: freepbx-core:22 duplicate log entry for /var/log/asterisk/core-fastagi_err.log
error: found error in file freepbx-core, skipping
error: freepbx-restapps:1 duplicate log entry for /var/log/asterisk/restapps_err.log
error: found error in file freepbx-restapps, skipping
error: freepbx-ucp:1 duplicate log entry for /var/log/asterisk/ucp_err.log
error: found error in file freepbx-ucp, skipping
error: freepbx-xmpp:1 duplicate log entry for /var/log/asterisk/xmpp_err.log
error: found error in file freepbx-xmpp, skipping
error: freepbx-zulu:1 duplicate log entry for /var/log/asterisk/zulu_out.log
error: found error in file freepbx-zulu, skipping
error: pms:1 duplicate log entry for /var/log/asterisk/pms.log
error: found error in file pms, skipping
error: smartoffice:1 duplicate log entry for /var/log/asterisk/iot-server.log
error: found error in file smartoffice, skipping
error: skipping “/var/log/asterisk/messages” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/full” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/debug” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/security” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/adv_recovery.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/contactmanager_module_hook.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/core-fastagi_err.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/core-fastagi_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/firewall.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/freepbx.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/freepbx_security.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/gql_api_error.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/iot-server.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/pms.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/queue_log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/restapps_err.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/restapps.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/restapps_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/sangomartapi_err.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/sangomartapi_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/ucp_err.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/ucp_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/xmpp_err.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/xmpp_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping “/var/log/asterisk/zulu_out.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
is there a reason or need to set a folder managed by asterisk to root? Have I missed a security requirement?
Please advise.