Hi,
has anyone also encountered the problem, that the logrotate service fails because it doesn’t have permission for /var/log/boot.log?
➜ log systemctl status logrotate
× logrotate.service - Rotate log files
Loaded: loaded (/usr/lib/systemd/system/logrotate.service; static)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: failed (Result: exit-code) since Mon 2025-05-26 16:05:41 CEST; 3min 40s ago
Invocation: <is this id sensitive?>
TriggeredBy: ● logrotate.timer
Docs: man:logrotate(8)
man:logrotate.conf(5)
Process: 1162142 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=1/FAILURE)
Main PID: 1162142 (code=exited, status=1/FAILURE)
Mem peak: 3.4M
CPU: 29ms
Mai 26 16:05:41 <system-name> systemd[1]: Starting logrotate.service - Rotate log files...
Mai 26 16:05:41 <system-name> logrotate[1162142]: error: stat of /var/log/boot.log failed: Keine Berechtigung
Mai 26 16:05:41 <system-name> systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Mai 26 16:05:41 <system-name> systemd[1]: logrotate.service: Failed with result 'exit-code'.
Mai 26 16:05:41 <system-name> systemd[1]: Failed to start logrotate.service - Rotate log files.
I think this is down to selinux. I am seeing messages from setroubleshoot containing logrotate but I always set selinux mode to permissive.
This is not just a Ublue or Fedora thing. In my experience there are way too many things that are package in a distro that don’t work properly because of selinux.
Anyway, rant over, set it to permissive in /etc/selinux/config and move on with life!
You can check the permissions using ls -Z:
❯ ls -Z /var/log/boot.log
system_u:object_r:var_t:s0 /var/log/boot.log
If it isn’t right, you can restore the correct SELinux permissions using the restorecon command:
sudo restorecon -v /var/log/boot.log
ref
1 Like
klmcw
May 27, 2025, 4:38am
4
I didn’t realize but I am having the same problem.
Thanks, @JohnAtl - your suggestion produced the following results:
$ sudo restorecon -v /var/log/boot.log
[sudo] password prompt for klmcw:
Relabeled /var/log/boot.log from system_u:object_r:var_t:s0 to system_u:object_r:plymouthd_var_log_t:s0
After systemctl restart logrotate.service all is green.
Thanks!
3 Likes
Ha! I just checked and I have the same problem.
✦ ❯ ls -Z /var/log/boot.log
system_u:object_r:var_t:s0 /var/log/boot.log
~ via 🐍 v3.13.3 on ☁️ john@company
✦ ❯ sudo restorecon -v /var/log/boot.log
[sudo] password for john:
Relabeled /var/log/boot.log from system_u:object_r:var_t:s0 to system_u:object_r:plymouthd_var_log_t:s0
Opened an issue.
opened 12:08PM - 27 May 25 UTC
### Describe the bug
Log rotate service silently fails.
```
✦ ❯ systemctl statu… s logrotate.service
× logrotate.service - Rotate log files
Loaded: loaded (/usr/lib/systemd/system/logrotate.service; static)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf, 50-keep-warm.conf
Active: failed (Result: exit-code) since Tue 2025-05-27 00:57:35 EDT; 7h ago
Invocation: 538cb4bdd552481fa78067f12948f6e2
TriggeredBy: ● logrotate.timer
Docs: man:logrotate(8)
man:logrotate.conf(5)
Process: 875126 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=1/FAILURE)
Main PID: 875126 (code=exited, status=1/FAILURE)
Mem peak: 4.5M
CPU: 42ms
May 27 00:57:35 beast systemd[1]: Starting logrotate.service - Rotate log files...
May 27 00:57:35 beast logrotate[875126]: error: stat of /var/log/boot.log failed: Permission denied
May 27 00:57:35 beast systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
May 27 00:57:35 beast systemd[1]: logrotate.service: Failed with result 'exit-code'.
May 27 00:57:35 beast systemd[1]: Failed to start logrotate.service - Rotate log files.
```
### What did you expect to happen?
No errors, logs rotated.
### Output of `bootc status`
```shell
❯ sudo bootc status
● Booted ostree
Commit: 970e8669fddb49d47690de2ce9c281aedb89042f7366531b2ec7f39c3b99f1eb
Rollback ostree
Commit: 49f0b223d67e259d2a41d728f8777d56475de911fe89147629bf19c59511e36f
```
### Output of `groups`
```shell
❯ groups
john wheel docker incus-admin libvirt
```
### Extra information or context
```
✦ ❯ ls -Z /var/log/boot.log
system_u:object_r:var_t:s0 /var/log/boot.log
~ via 🐍 v3.13.3 on ☁️ john@company.com(us-central1)
✦ ❯ sudo restorecon -v /var/log/boot.log
[sudo] password for john:
Relabeled /var/log/boot.log from system_u:object_r:var_t:s0 to system_u:object_r:plymouthd_var_log_t:s0
~ via 🐍 v3.13.3 on ☁️ john@company.com(us-central1) took 3s
✦ ❯ sudo systemctl restart logrotate.service
~ via 🐍 v3.13.3 on ☁️ john@company.com(us-central1)
✦ ❯ systemctl status logrotate.service
○ logrotate.service - Rotate log files
Loaded: loaded (/usr/lib/systemd/system/logrotate.service; static)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf, 50-keep-warm.conf
Active: inactive (dead) since Tue 2025-05-27 08:03:58 EDT; 8s ago
Invocation: c050394323cd413d9b220e5a22e98a8e
TriggeredBy: ● logrotate.timer
Docs: man:logrotate(8)
man:logrotate.conf(5)
Process: 1668250 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=0/SUCCESS)
Main PID: 1668250 (code=exited, status=0/SUCCESS)
Mem peak: 4.1M
CPU: 26ms
May 27 08:03:58 beast systemd[1]: Starting logrotate.service - Rotate log files...
May 27 08:03:58 beast systemd[1]: logrotate.service: Deactivated successfully.
May 27 08:03:58 beast systemd[1]: Finished logrotate.service - Rotate log files.
```
1 Like
system
May 28, 2025, 12:04pm
6
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.