I'm getting this notification from awstats:
Error while processing /etc/awstats/awstats.conf
Create/Update database for config "/etc/awstats/awstats.conf" by AWStats version 7.4 (build 20150714)
From data in log file "/var/log/apache2/access.log"...
Error: Couldn't open server log file "/var/log/apache2/access.log" : Permission denied
Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).
However, I don't see anything wrong with the permissions:
> ls -l /var/log/apache2/access.log
-rw-r--r-- 1 root adm 62438 Sep 30 09:51 /var/log/apache2/access.log
> ls -ld /var/log/apache2
drwxr-xr-x 2 root root 12288 Sep 30 06:25 /var/log/apache2/
> ls -ld /var/log
drwxr-xr-x 20 root root 4096 Sep 30 06:25 /var/log/
> ls -ld /var
drwxr-xr-x 13 root root 4096 Sep 23 14:39 /var/
What am I missing here?
EDIT for more clarification:
This error is being thrown by the awstats cron job. The contents of the cron job are:
> cat /etc/cron.d/awstats
MAILTO=root
*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh
# Generate static reports:
10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh
So the job is being run by user www-data
.
www-data
should have read access to the file; when I run sudo -u www-data less /var/log/apache2/access.log
it works fine.
Does awstats need write permission to the log file? It seems weird that it would need it, but I can't find any documentation telling me definitely one way or the other.