logrotate fails on RHEL 7 due to selinux issue

Could not reproduce this with RHEL 7. Can you provide the output of sestatus?

[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-123.el7.x86_64 #1 SMP Mon Jun 30 12:09:22 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]#

[root@localhost ~]# logrotate -v -f /etc/logrotate.d/mysql
reading config file /etc/logrotate.d/mysql

Handling 1 logs

rotating pattern: /var/lib/mysql/mysqld.log forced from command line (5 rotations)
empty log files are not rotated, old logs are removed
considering log /var/lib/mysql/mysqld.log
  log needs rotating
rotating log /var/lib/mysql/mysqld.log, log->rotateCount is 5
dateext suffix '-20150313'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/lib/mysql/mysqld.log.5.gz to /var/lib/mysql/mysqld.log.6.gz (rotatecount 5, logstart 1, i 5),
old log /var/lib/mysql/mysqld.log.5.gz does not exist
renaming /var/lib/mysql/mysqld.log.4.gz to /var/lib/mysql/mysqld.log.5.gz (rotatecount 5, logstart 1, i 4),
old log /var/lib/mysql/mysqld.log.4.gz does not exist
renaming /var/lib/mysql/mysqld.log.3.gz to /var/lib/mysql/mysqld.log.4.gz (rotatecount 5, logstart 1, i 3),
old log /var/lib/mysql/mysqld.log.3.gz does not exist
renaming /var/lib/mysql/mysqld.log.2.gz to /var/lib/mysql/mysqld.log.3.gz (rotatecount 5, logstart 1, i 2),
old log /var/lib/mysql/mysqld.log.2.gz does not exist
renaming /var/lib/mysql/mysqld.log.1.gz to /var/lib/mysql/mysqld.log.2.gz (rotatecount 5, logstart 1, i 1),
old log /var/lib/mysql/mysqld.log.1.gz does not exist
renaming /var/lib/mysql/mysqld.log.0.gz to /var/lib/mysql/mysqld.log.1.gz (rotatecount 5, logstart 1, i 0),
old log /var/lib/mysql/mysqld.log.0.gz does not exist
log /var/lib/mysql/mysqld.log.6.gz doesn't exist -- won't try to dispose of it
fscreate context set to system_u:object_r:mysqld_db_t:s0
renaming /var/lib/mysql/mysqld.log to /var/lib/mysql/mysqld.log.1
running postrotate script
compressing log with: /bin/gzip
set default create context
[root@localhost ~]#
[root@localhost ~]# tail -f /var/log/audit/audit.log
type=AVC msg=audit(1426241282.297:431): avc: denied { getattr } for pid=4136 comm="mysqld_safe" path="/sys/kernel/mm/transparent_hugepage/enabled" dev="sysfs" ino=5013 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=SYSCALL msg=audit(1426241282.297:431): arch=c000003e syscall=4 success=no exit=-13 a0=7fdd40 a1=7fff740b4f30 a2=7fff740b4f30 a3=8 items=0 ppid=1 pid=4136 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mysqld_safe" exe="/usr/bin/bash" subj=system_u:system_r:mysqld_safe_t:s0 key=(null)
type=SERVICE_START msg=audit(1426241285.099:432): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="mysqld" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=USER_ACCT msg=audit(1426241401.496:433): pid=4387 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_ACQ msg=audit(1426241401.497:434): pid=4387 uid=0 auid=4294967295...

Sure, though it matches yours:

# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28

Thanks.

This appears to have been corrected in a recent release, likely between feb and march.

Thanks.

Thank you for status update.

[Expired for Percona Server 5.5 because there has been no activity for 60 days.]

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-3261