It seems that the recent CIS benchmark implements the rule 4.2.3 correctly and this issue is not a CIS benchmark bug.
So the issue is somewhere between charms, CIS and the deb packages I think.
This is the example log of reproducing the issue with rabbitmq package inside a Bionic LXD container on my dev environment: https://pastebin.ubuntu.com/p/xRJbsGkGFZ/ . The workaround was to add 'rabbitmq' user to syslog group and after that re-installation succeeded and rabbitmq server started successfully from the post-install scripts.
Similar problems are observed during installation of percona-xtradb-cluster-server package: post-install script (the service is running under mysql/mysql user which doesn't have the access to /var/log anymore and post-install script keeps waiting for it to start):
root@unbiased-bull:~# systemctl status mysql
● mysql.service - Percona XtraDB Cluster daemon
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: activating (start-pre) since Wed 2021-07-07 01:10:32 UTC; 25s ago
Cntrl PID: 5325 (mysql-systemd-s)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/mysql.service
├─5325 /bin/bash /usr/share/mysql/mysql-systemd-start pre
└─5509 sleep 1
Jul 07 01:10:33 unbiased-bull mysql-systemd-start[5325]: 2021-07-07T01:10:33.310269Z 0 [ERROR] --initialize specified but the data directory has files in it. Aborting.
Jul 07 01:10:33 unbiased-bull mysql-systemd-start[5325]: 2021-07-07T01:10:33.310291Z 0 [ERROR] Aborting
Jul 07 01:10:33 unbiased-bull su[5392]: pam_unix(su:session): session closed for user mysql
Jul 07 01:10:33 unbiased-bull su[5410]: Successful su for mysql by root
Jul 07 01:10:33 unbiased-bull su[5410]: + ??? root:mysql
Jul 07 01:10:33 unbiased-bull su[5410]: pam_unix(su:session): session opened for user mysql by (uid=0)
Jul 07 01:10:33 unbiased-bull su[5410]: pam_unix(su:session): session closed for user mysql
Jul 07 01:10:33 unbiased-bull mysql-systemd-start[5325]: 2021-07-07T01:10:33.570688Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_time
Jul 07 01:10:33 unbiased-bull mysql-systemd-start[5325]: 2021-07-07T01:10:33.575813Z 0 [ERROR] Could not open file '/var/log/mysqld.log' for error logging: Permission denied
Jul 07 01:10:33 unbiased-bull mysql-systemd-start[5325]: 2021-07-07T01:10:33.575851Z 0 [ERROR] Abortin
It seems that the recent CIS benchmark implements the rule 4.2.3 correctly and this issue is not a CIS benchmark bug.
So the issue is somewhere between charms, CIS and the deb packages I think.
This is the example log of reproducing the issue with rabbitmq package inside a Bionic LXD container on my dev environment: https:/ /pastebin. ubuntu. com/p/xRJbsGkGF Z/ . The workaround was to add 'rabbitmq' user to syslog group and after that re-installation succeeded and rabbitmq server started successfully from the post-install scripts.
Similar problems are observed during installation of percona- xtradb- cluster- server package: post-install script (the service is running under mysql/mysql user which doesn't have the access to /var/log anymore and post-install script keeps waiting for it to start):
root@unbiased- bull:~# systemctl status mysql system/ mysql.service; enabled; vendor preset: enabled) slice/mysql. service mysql/mysql- systemd- start pre
● mysql.service - Percona XtraDB Cluster daemon
Loaded: loaded (/lib/systemd/
Active: activating (start-pre) since Wed 2021-07-07 01:10:32 UTC; 25s ago
Cntrl PID: 5325 (mysql-systemd-s)
Tasks: 2 (limit: 4915)
CGroup: /system.
├─5325 /bin/bash /usr/share/
└─5509 sleep 1
Jul 07 01:10:33 unbiased-bull mysql-systemd- start[5325] : 2021-07- 07T01:10: 33.310269Z 0 [ERROR] --initialize specified but the data directory has files in it. Aborting. start[5325] : 2021-07- 07T01:10: 33.310291Z 0 [ERROR] Aborting su:session) : session closed for user mysql su:session) : session opened for user mysql by (uid=0) su:session) : session closed for user mysql start[5325] : 2021-07- 07T01:10: 33.570688Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_ defaults_ for_time start[5325] : 2021-07- 07T01:10: 33.575813Z 0 [ERROR] Could not open file '/var/log/ mysqld. log' for error logging: Permission denied start[5325] : 2021-07- 07T01:10: 33.575851Z 0 [ERROR] Abortin
Jul 07 01:10:33 unbiased-bull mysql-systemd-
Jul 07 01:10:33 unbiased-bull su[5392]: pam_unix(
Jul 07 01:10:33 unbiased-bull su[5410]: Successful su for mysql by root
Jul 07 01:10:33 unbiased-bull su[5410]: + ??? root:mysql
Jul 07 01:10:33 unbiased-bull su[5410]: pam_unix(
Jul 07 01:10:33 unbiased-bull su[5410]: pam_unix(
Jul 07 01:10:33 unbiased-bull mysql-systemd-
Jul 07 01:10:33 unbiased-bull mysql-systemd-
Jul 07 01:10:33 unbiased-bull mysql-systemd-