Cron update after upgrading to Ubuntu 14.04.

After a recent upgrade from Ubuntu 12.04 to Ubuntu 14.04 I started to receive the email below. This email was being sent out by the cron system on a daily basis because the developers of Ubuntu are trying to make Ubuntu even more secure.

eMail

From:  root@myserver.com
Subject:   Cron <root@myserver> test -x /usr/sbin/anacron || ( cd / && run-parts –report /etc/cron.daily )
To:    root@myserver.com

/etc/cron.daily/logrotate:

error: skipping “/var/log/apache2/access.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/apache2/error.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/apache2/other_vhosts_access.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/apache2/suexec.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/apport.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/aptitude” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/dpkg.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/alternatives.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/fail2ban.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/mysql.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/ppp-connect-errors” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/razor-agent.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/rkhunter.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/syslog” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/mail.info” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/mail.warn” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/mail.err” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/mail.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/daemon.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/kern.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/auth.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/user.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/lpr.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/cron.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/debug” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/messages” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/ufw.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/wtmp” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/btmp” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/named/security.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

error: skipping “/var/log/procmail.log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

run-parts: /etc/cron.daily/logrotate exited with return code 1

 

The important part is of all of those statements in the email is

 

Set 'su'
Set “su” directive in config file to tell logrotate which user/group should be used for rotation.

 

which means the “su” directive in the logrotate config file located at ‘/etc/logrotate.conf’ has not been set. As a consequence none of the logs mentioned in the email could be rotated. Log files need to be rotated at least once a day or they will bloat and eventually fill the entire hard drive.

The fix is really very simple. Open the file ‘/etc/logrotate.conf’ with your favourite text editor and add a few blank lines in the conf file just after

 

# see “man logrotate” for details
# rotate log files weekly
weekly

 

then copy the three lines of code below.

 

Add this code
# use the syslog group by default, since this is the owning group
# of /var/log/syslog.
su root syslog

 

and paste them in between the blank lines you just created. Don’t forget to save the file. Now the top of your ‘/etc/logrotate.conf’ should look like.

 

‘/etc/logrotate.conf’

# see “man logrotate” for details
# rotate log files weekly
weekly

# use the syslog group by default, since this is the owning group
# of /var/log/syslog.
su root syslog

# keep 4 weeks worth of backlogs
rotate 4

 

That is it the next time your cron system runs all of those logs will be rotated automatically for you.

Should you kill or terminate a misbehaving process.

Have you ever had a linux process that was not running but when you try to start or restart the process nothing happens. You may find that you need to kill the process before you try to restart it because the process is actually still alive and not responding or not actually alive but the pid (which is a unique identifying number that tells the kernel that the process has stated or is alive) was not removed when the process ended. So the kernel thinks that the process is working just fine when in fact it is not and won’t start it a new.

Before you kill the process you should always try to terminate it first. Because terminate tries to end the process gracefully and finish writing any remaining data that the process may have stored in memory as well terminate will finish writing any logging data to assist you to find out what caused the process to fail in the first place

The command to terminate a process is

Code
kill -15 pid

replace pid with the pid number

If your attempt to terminate the process fails then you will have to use the more powerful kill command which will bypass the process and ask the kernel to kill the misbehaving process directly.

The command to have the kernel kill a process is

Code
kill -9 pid

replace pid with the pid number

Before you can kill the process you will have to find its pid. To find out the pid of a running process in virtualmin you can go to

Webmin> System> Running Processes>

and select pid from the Display menu then scroll to find the pid of the process you are looking for. Linux, kill, terminate, kill -15 pid, kill -15, kill -9 pid, kill -9, pid, linux process, process, not running, process not running, start, restart, start or restart, not responding, process not responding, kernel, pid not removed, kill the process, stop the process, terminate the process, end the process, end the process gracefully, writing any logging data, virtualmin, webmin, Running Processes,Click on the pid of the process you want to kill and you will be taken to a new screen where you can terminate or kill the process by clicking the matching button.

Linux, kill, terminate, kill -15 pid, kill -15, kill -9 pid, kill -9, pid, linux process, process, not running, process not running, start, restart, start or restart, not responding, process not responding, kernel, pid not removed, kill the process, stop the process, terminate the process, end the process, end the process gracefully, writing any logging data, virtualmin, webmin, Running Processes,If you are not a virtualmin user you can open a terminal window and type

Code
ps aux | less

which will give you a list that looks something like

Linux, kill, terminate, kill -15 pid, kill -15, kill -9 pid, kill -9, pid, linux process, process, not running, process not running, start, restart, start or restart, not responding, process not responding, kernel, pid not removed, kill the process, stop the process, terminate the process, end the process, end the process gracefully, writing any logging data, virtualmin, webmin, Running Processes,when you have the pid you need to kill the process. As mentioned above you should always try the terminate command first. In the terminal window type

Code
kill -15 pid

replace pid with the pid number

If the process does not terminate you will the need to use the more powerful kill command

Code
kill -9 pid

replace pid with the pid number