Blob Blame History Raw
From 893ab396daffebfe5bb97e9fcf0adbd7fda1b828 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Fri, 18 Jan 2019 16:10:56 +0100
Subject: [PATCH] logrotate.8: encourage admins to use the `su` directive

... to rotate files in directories that are directly or indirectly in
control of non-privileged users.  Originally reported in the following
pull request:

https://github.com/logrotate/logrotate/pull/235

Closes #236

Upstream-commit: 3e170c0609a18e0bb5fd7f647cb877221d576456
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
 logrotate.8.in | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/logrotate.8.in b/logrotate.8.in
index 56c4a32..ee26821 100644
--- a/logrotate.8.in
+++ b/logrotate.8.in
@@ -575,7 +575,9 @@ user/group (usually root). \fIuser\fR specifies the user name used for
 rotation and \fIgroup\fR specifies the group used for rotation. If the
 user/group you specify here does not have sufficient privilege to make 
 files with the ownership you've specified in a \fIcreate\fR instruction, 
-it will cause an error.
+it will cause an error.  If logrotate runs with root privileges, it is
+recommended to use the \fBsu\fR directive to rotate files in directories
+that are directly or indirectly in control of non-privileged users.
 
 .TP
 \fBtabooext\fR [+] \fIlist\fR
-- 
2.21.3