I'm running my own Ansible role which has a dependency from munge. Here the munge ansible role I'm using which raises the following error:
Error: Logfile is insecure: invalid ownership of "/var/log/munge"
This is the output of the journalctl -xe command:
Mar 20 10:29:03 server systemd[1]: munge.service: control process exited, code=exited status=1
Mar 20 10:29:03 server systemd[1]: Failed to start MUNGE authentication service.
-- Subject: Unit munge.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit munge.service has failed.
--
-- The result is failed.
Mar 20 10:29:03 server systemd[1]: Unit munge.service entered failed state.
Mar 20 10:29:03 server systemd[1]: munge.service failed.
Mar 20 10:29:03 server polkitd[1478]: Unregistered Authentication Agent for unix-process:13743:81934 (system bus name :1.69, object path /org/freedesktop/PolicyKit1/Authentication
Mar 20 10:30:03 server sshd[12068]: Received disconnect from 127.0.0.1 port 56954:11: disconnected by user
Mar 20 10:30:03 server sshd[12068]: Disconnected from 127.0.0.1 port 56954
Mar 20 10:30:03 server sshd[12068]: pam_unix(sshd:session): session closed for user root
Mar 20 10:30:03 serverr systemd-logind[1481]: Removed session 7.
The permission seems to be fine:
ls -lh /var/log/
...
drwx------. 2 munge munge 4.0K Mar 20 10:23 munge
...
And this is the unit file:
vi /usr/lib/systemd/system/munge.service
[Unit]
Description=MUNGE authentication service
Documentation=man:munged(8)
After=network.target
After=syslog.target
After=time-sync.target
[Service]
Type=forking
ExecStart=/usr/sbin/munged
PIDFile=/var/run/munge/munged.pid
User=munge
Group=munge
Restart=on-abort
[Install]
WantedBy=multi-user.target
What's wrong?
IMO you have dir
mungeinside/var/log/munge, this is not what you intended.ls -lhis recursive, what you probably intended wasls -ld /var/log/mungewhich is not recursive but lists just the directory itself.