Resolved No logrotate for fail2ban.log

[SabineW]

Hi to all,
on my server (Plesk Onyx v17.0.17 on Ubuntu 14.04.5 LTS) the fail2ban.log is quite large (more than 8 GB) and it seems, that the logrotate dosn't work correctly.
With the command

logrotate -d -f /etc/logrotate.d/fail2ban​

I got this errormessage

error: skipping "/var/log/fail2ban.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.​

but the "su" directive is set in my config file

# use the syslog group by default, since this is the owning group
# of /var/log/syslog.
su root syslog​

And here is the information about the rights of the logfile:

-rw------- 1 root root 8,8G Dez 30 11:23 fail2ban.log​

Are this enough Information to help?
(Sorry for my bad english.)

 

[Bitpalast]

... because parent directory has insecure permissions (It's world writable or writable by group which is not "root") ...

--> Check the permissions and owner of the parent directory, not of the log file. I think /var/log ought to be 755 and root:root.

 

[SabineW]

Hi Peter,
thank you for your help. I have changed the permissions and the group of the /var/log-directory and now the logrotate works fine.
Best regards
Sabine