Next debian version release breaks mailman logrotate

Just a FYI so you keep it in mind....

In the next release of Debian, currently testing, logrotate will require the use of 'su' to by-pass ownership.

error: skipping "/var/log/mailman/error" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

That is what you will get if you don't use 'su'

To fix you need to add 'su owner group' to the lines

/var/log/mailman/vette /var/log/mailman/error /var/log/mailman/bounce {
su list list
create 0664 list list
rotate 3
[ -f '/var/run/mailman/' ] && /usr/lib/mailman/bin/mailmanctl -q reopen || exit 0




That logrotate config file isn't supplied by Virtualmin though - I assume it is part of the mailman package.

So this seems more like a Debian bug?

It's a distro wide security issue -- read the RH bug report.

Correct the logrotate file for mailman is supplied by the package however current installs of that file are not updated when this patched version of logrotate is installed. That means users will get a error like the one I posted and until you dig into it you don't realize you just need to add that 'su' line.

This was just a FYI for any future reports that probably will be posted here.

Ok, thanks - we'll keep this in mind as we work on Debian 7 support.