In the my original post I had followed the recipe specified in: Make rsyslog on Linux save WeeWX logs separate from system https://github.com/weewx/weewx/wiki/logging
That resulted in the error messages I mentioned above. Though the wiki specifies symlinking from the directory /etc/rsyslog.d/ to /etc/weewx/rsyslog.d/weewx.conf, Vince suggested that the weewx.conf file should instead be copied to /etc/rsyslog.d/. Indeed, this was *part* of the solution, at least for Linux Mint (an Ubuntu derivative). Apparmor did *not* like the symlink. On the other hand, logrotate does not mind if /etc/logrotate.d/weewx is a symlink to /etc/weewx/logrotate.d/weewx. After, some debugging, here is a list of other things I had to do in order to get separate logging to work on my system (Linux Mint 22.2 and probably Ubuntu): * /var/log/weewx -- remove group write permissions from this directory: $ sudo chmod g-w /var/log/weewx * /etc/weewx/logrotate.d/weewx -- should be owned by root, with weewx group $ sudo chown root:weewx /etc/weewx/logrotate.d/weewx * /etc/weewx/logrotate.d/weewx -- remove group write permissions: $ sudo chmod g-w /etc/weewx/logrotate.d/weewx * /var/log/weewx/weewxd.log must be owned by syslog: $ sudo chown syslog:syslog /var/log/weewx/weewx.log On Monday, December 8, 2025 at 10:17:31 PM UTC-8 vince wrote: > Not an apparmor user, but I do have a question. Why would the os possibly > be complaining about /etc/weewx/rsyslog.d/weewx.conf which is a provided > template file you're supposed to copy to /etc/rsyslog.d ? You didn't > symlink to it or something did you ? You're supposed to copy it into the > /etc/rsyslog.d directory... > > > On Monday, December 8, 2025 at 8:24:55 PM UTC-8 John Steggall wrote: > >> I've set up separate rsyslog logging for weewx, following the >> documentation and Vince's recent post. This is on a Linux Mint 22.2 system >> with an apt installation of weewx. When I restart rsyslog, I get the >> following error: >> >> 2025-12-08T20:07:51.092692-08:00 XPS-13-9370 kernel: audit: type=1400 >> audit(1765253271.090:163): apparmor="DENIED" operation="open" class="file" >> profile="rsyslogd" name="/etc/weewx/rsyslog.d/weewx.conf" pid=1343000 >> comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=0 ouid=131 >> >> I did a bit of research on apparmor and it looks like kind of a pain to >> navigate (e.g., >> https://www.maketecheasier.com/understanding-apparmor-in-ubuntu-linux/). >> >> Wondering if anyone has an easy solution or perhaps I should disable >> apparmor for rsyslog? >> >> -js >> > -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/weewx-user/fec6f59a-b84a-417e-99a0-1a9c2ed388fcn%40googlegroups.com.
