496318 – www-servers/nginx - init script gives message that should be programmatically checked

Bug 496318 - www-servers/nginx - init script gives message that should be programmatically checked

Summary: www-servers/nginx - init script gives message that should be programmatically...

Status:	CONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2013-12-28 21:56 UTC by Doug Goldstein (RETIRED)
Modified:	2022-06-05 08:14 UTC (History)
CC List:	4 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Doug Goldstein (RETIRED) gentoo-dev

2013-12-28 21:56:36 UTC

When you emerge nginx you get the following:

 * Messages for package www-servers/nginx-1.4.4:

 * Please make sure that the nginx user or group has at least
 * 'rx' permissions on /var/log/nginx (default on a fresh install)
 * Otherwise you end up with empty log files after a log rotate.

There's no reason we shouldn't stick:

checkpath -D -o nginx /var/log/nginx

In the init script and drop that message. Why spit ewarns when its something we can check for.

I can patch if it the maintainers agree.

Comment 1 Johan Bergström 2013-12-28 22:03:07 UTC

Sounds good to me.

Comment 2 Agostino Sarubbo gentoo-dev

2013-12-29 08:53:12 UTC

what about with systemd?

Comment 3 Doug Goldstein (RETIRED) gentoo-dev

2013-12-29 20:59:51 UTC

(In reply to Agostino Sarubbo from comment #2)
> what about with systemd?

Doesn't systemd do all of its own logging and you don't use the logrotate cronjobs with it?

Comment 4 Mike Gilbert gentoo-dev

2013-12-29 21:38:48 UTC

(In reply to Doug Goldstein from comment #3)

That depends on the application. If it logs to stdout or syslog then systemd handles it. If it manages its own external log files (as nginx appears to do), then there is nothing magical in systemd to handle that.

Comment 5 Tiziano Müller (RETIRED) gentoo-dev

2014-01-08 08:25:03 UTC

Negative. The requirements are that the nginx user can rx the dir, how that happens is up to the admin, stomping over the permissions set by the admin in a startup script is not acceptable.
Besides, the ewarn only appears if the permissions must be corrected.
Automatically correcting them in the pkg_postinst run would be acceptable, I guess.

Comment 6 Johan Bergström 2014-01-14 23:26:38 UTC

@tiziano:
Running it in pkg_postinst was my idea as well.

Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev

2014-03-09 13:29:00 UTC

Isn't that a duplicate of the discussion in bug 473036?

Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev

2016-07-20 00:56:57 UTC

OK, what's the status of this bug? Can we remove

> # If the nginx user can't change into or read the dir, display a warning.
> # If su is not available we display the warning nevertheless since we can't check properly
> su -s /bin/sh -c 'cd /var/log/nginx/ && ls' nginx >&/dev/null
> if [ $? -ne 0 ] ; then
> 	ewarn "Please make sure that the nginx user or group has at least"
> 	ewarn "'rx' permissions on /var/log/nginx (default on a fresh install)"
> 	ewarn "Otherwise you end up with empty log files after a logrotate."
> fi

(from https://github.com/gentoo/gentoo/blob/8dd9fab6768ab82e3c23aaf3d35800bc96b8fc86/www-servers/nginx/nginx-1.10.0.ebuild#L313-L318)

from the ebuild?

It was needed in the past to help our users because we had set invalid permission per default.

But this was fixed for more than 1.5y. Now with the 1.10 milestone we really now longer need this... any objections?