2

I'm getting this notification from awstats:

Error while processing /etc/awstats/awstats.conf
Create/Update database for config "/etc/awstats/awstats.conf" by AWStats version 7.4 (build 20150714)
From data in log file "/var/log/apache2/access.log"...
Error: Couldn't open server log file "/var/log/apache2/access.log" : Permission denied
Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).

However, I don't see anything wrong with the permissions:

> ls -l /var/log/apache2/access.log
-rw-r--r-- 1 root adm 62438 Sep 30 09:51 /var/log/apache2/access.log
> ls -ld /var/log/apache2
drwxr-xr-x 2 root root 12288 Sep 30 06:25 /var/log/apache2/
> ls -ld /var/log
drwxr-xr-x 20 root root 4096 Sep 30 06:25 /var/log/
> ls -ld /var
drwxr-xr-x 13 root root 4096 Sep 23 14:39 /var/

What am I missing here?

EDIT for more clarification:

This error is being thrown by the awstats cron job. The contents of the cron job are:

> cat /etc/cron.d/awstats
MAILTO=root

*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh

# Generate static reports:
10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

So the job is being run by user www-data.

www-data should have read access to the file; when I run sudo -u www-data less /var/log/apache2/access.log it works fine.

Does awstats need write permission to the log file? It seems weird that it would need it, but I can't find any documentation telling me definitely one way or the other.

onigame
  • 131
  • 1
  • 3

3 Answers3

1

it's either a :

  1. user problem (your process runs as another user than root and the files does not have a 666 or 664)
  2. filesystem usage issue (e.g 100% used) FS
olivierg
  • 494
  • 1
  • 6
  • 24
0

Perhaps your apache is not running as root:adm and the process wants to write to it ?

user9517
  • 114,104
  • 20
  • 206
  • 289
0

check if user www-data has group adm:

root@serverweb:~# id www-data

uid=1001(www-data) gid=1001(www-data) groups=1001(www-data),4(adm)

otherwise add it in /etc/group:

root@serverweb:~# grep www /etc/group

adm:x:4:www-data

www-data:x:33: