logrotate bug in CentOS and workaround

Logrotate normally runs as a daily cron job and rotates, compresses, and removes the log files generated by the system. On a CentOS system, you may see this error in the email sent by the cron job:

/etc/cron.daily/logrotate:

error: error running postrotate script
error: error running postrotate script
error: error running postrotate script
error: error running shared postrotate script for /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron

Although logrotate renamed messages to messages.1 and created a new messages file, messages.1 is the one that is still being logged to and growing, because the postrotate script that tells the logging daemon to reopen its files never ran.
This place gives some insight into the cause of this problem. In a nutshell, the logrotate executable writes something (probably a script) to /tmp and tries to execute it. Since /tmp is mounted on most systems as “noexec” for security reasons, logrotate fails.

To work around this, we can create a new “tmp” directory and let logrotate use that one. For example, below is my new /etc/cron.daily/logrotate:

#!/bin/sh

# Point logrotate at a temporary directory that is not mounted noexec
TMPDIR=/var/tmp_safe
export TMPDIR

/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0

/var/tmp_safe is the new directory I created for logrotate. It needs to allow execution, so it must not sit on a filesystem that is mounted noexec.
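A pre-flight check for the replacement directory, as an added example that is not from the original post: it confirms the filesystem holding the directory is not mounted noexec and that the directory is not writable by group or other, since logrotate runs from cron as root and executes what it writes there. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: device mountpoint type options dump pass
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
/dev/sda2 /var ext4 rw,relatime 0 0
EOF
}

# Print the mount options of the filesystem holding directory $1,
# read from mount table $2 (default: the live /proc/mounts).
mount_opts_for() {
    awk -v d="$1" '
        BEGIN { best = -1 }
        # A mount point holds d if it is "/", equals d, or is a path prefix of d.
        $2 == "/" || d == $2 || index(d, $2 "/") == 1 {
            if (length($2) >= best) { best = length($2); opts = $4 }
        }
        END { print opts }
    ' "${2:-/proc/mounts}"
}

# Exit 0 if files in $1 may be executed, 1 if mounted noexec, 2 if unknown.
allows_exec() {
    opts=$(mount_opts_for "$1" "$2")
    [ -n "$opts" ] || return 2
    case ",$opts," in
        *,noexec,*) return 1 ;;
        *) return 0 ;;
    esac
}

# Exit 0 if group or other can write to $1 (mode string columns 6 and 9).
writable_by_others() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case $mode in
        ?????w????|????????w?) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo against the constructed table; on a real host drop the second argument.
t=$(mktemp) && sample_mounts > "$t"
for d in /tmp /var/tmp_safe; do
    if allows_exec "$d" "$t"; then echo "$d: exec allowed"; else echo "$d: noexec"; fi
done
rm -f "$t"
```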

To test this from the command line, run /etc/cron.daily/logrotate. Note that logrotate won’t rotate files twice in the same day, so we need to add the -f option after /usr/sbin/logrotate to force it to rotate again. You should then see the files rotating.
