From b80f30ac03dbf9234fb409cd15f0faf9f2919b81 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <d@winzen4.de>
Date: Sun, 21 Oct 2018 10:44:23 +0200
Subject: [PATCH] Ignore insecure 777 permissions set by users on logrotate

---
 etc/logrotate.d/nginx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc/logrotate.d/nginx b/etc/logrotate.d/nginx
index 6cbdc0f..eba3889 100644
--- a/etc/logrotate.d/nginx
+++ b/etc/logrotate.d/nginx
@@ -16,13 +16,14 @@
 		invoke-rc.d nginx rotate >/dev/null 2>&1
 	endscript
 }
-/home/*.onion/logs/*.log {
+/home/*/logs/*.log {
 	daily
 	missingok
 	rotate 1
 	nocompress
 	delaycompress
 	notifempty
+	su root www-data
 	create 0640 www-data www-data
 	sharedscripts
 	prerotate