Hi, Logrotate 3.8 introduced stricter demands on the ownership of log directories. It refuses to rotate log files in directories that are writable by anyone other than root to avoid e.g. symlink tricks of a compromised account. The correct fix is to change the ownership of log _directories_ to root and also don't allow any group != 0 to write there. It's still ok for log _files_ to be owned and writable by some unprivileged user or group. Bad: drwxrwxr-x 2 foo bar /var/log/foo/ -rw-rw-r-- 2 foo bar /var/log/foo/foo.log Good: drwxr-xr-x 2 root root /var/log/foo/ -rw-rw-r-- 2 foo bar /var/log/foo/foo.log Alternatively if the package in question for whatever reason requires the log directory to be writable by unprivileged users logrotate now also supports a 'su' option. So I've introduced a new rpmlint check in Factory that checks for user owned log directories resp lack of the 'su' option. rpmlint now also complains if the log directory is not packaged as it obviously can't check the permissions then. So please fix your package if you see the 'logrotate-user-writable-log-dir' error in the build log as logrotate won't rotate logs for this package in the future. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org