Rsyslog service in docker container can not execute logrotation

  docker, logging, service, syslog, ubuntu

We have an Ubuntu 18.04.1 bionic container running on a ubuntu 18.04.1 bionic workstation. In the container we run RSyslog to log output from a number of applications. The logging works but when it is time to rotate the logfile we get the following error

execve("/opt/xxxxx/", ["/opt/xxxxx/", "/var/log/xxxx/appl.log"], 0x7ffc5b84a8d8 /* 18 vars */) = -1 EACCES (Permission denied)

It is notable that even if we replace the script with an "echo foo" we still get the same error.

We have checked file permissions. The docker container has been started in privileged mode and with all capabilities. We use the Docker version 19.03.6, build 369ce74a3c. The rsyslog service was "rsyslogd 8.32.0" has been run as both the syslog user and the root user. If rsyslog is run as a foreground application it still can’t execute the log rotation script.

We also ran the container on an up to date Debian workstation and then the logrotation worked.

So, having tested all this without success we wonder if there is anyone out there who has any idea of what the problem could be, or can think of something that can be checked.

Source: Docker Questions