Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logrotate config file needs to be owned by root #5444

Merged
merged 1 commit into from
Oct 18, 2023
Merged

Logrotate config file needs to be owned by root #5444

merged 1 commit into from
Oct 18, 2023

Conversation

yubiuser
Copy link
Member

@yubiuser yubiuser commented Oct 18, 2023
edited
Loading

What does this PR aim to accomplish?:

Currently, logrotate of the log files is broken. Reason is, that the logrotate config file needs to be owned by root and must not be writable by group or others. Otherwise errors occure.

nanopi@nanopi:~$ pihole flush once
  [i] Flushing /var/log/pihole/pihole.log ...warning: Potentially dangerous mode on /etc/pihole/logrotate: 0660
error: Ignoring /etc/pihole/logrotate because it is writable by group or others.

nanopi@nanopi:~$ sudo chmod g-w /etc/pihole/logrotate 
nanopi@nanopi:~$ pihole flush once
  [i] Flushing /var/log/pihole/pihole.log ...error: Ignoring /etc/pihole/logrotate because the file owner is wrong (should be root or user with uid 0).


nanopi@nanopi:~$ sudo chown root /etc/pihole/logrotate 
nanopi@nanopi:~$ sudo pihole flush once
  [✓] Flushed /var/log/pihole/pihole.log

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  6. I have checked that another pull request for this purpose does not exist.
  7. I have considered, and confirmed that this submission will be valuable to others.
  8. I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
  9. I give this submission freely, and claim no ownership to its content.
  • I have read the above and my PR is ready for review. Check this box to confirm

@yubiuser
Logrotate config file needs to be owned by root
d77dbf7 
Signed-off-by: Christian König <ckoenig@posteo.de>
@yubiuser yubiuser requested a review from a team October 18, 2023 20:13
@DL6ER
Copy link
Member

DL6ER commented Oct 18, 2023

Should we really do this on every FTL restart? Having said that I do see what the intention is: fix it whenever it is broken, have service pihole-FTL restart fix things in magic ways.

This question does not want to imply I'm against this, this question just came to my mind when seeing this.

On other matters: You did not check the checkbox ;-)

@yubiuser
Copy link
Member Author

On other matters: You did not check the checkbox ;-)

The confirmation checkbox is to far down.

I think this is a nice way to handle stuff in a save way - we have such a complex bash design with all the paths triggering updates, checkouts, repairs... they often call the install script and source and execute various parts of it.

@yubiuser yubiuser merged commit 33a4139 into development-v6 Oct 18, 2023
14 checks passed
@yubiuser yubiuser deleted the fix/logrotate branch October 18, 2023 21:00
@yubiuser yubiuser mentioned this pull request Oct 20, 2023
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DL6ER DL6ER DL6ER approved these changes

Assignees
No one assigned
Labels
Pi-hole v6.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@yubiuser @DL6ER