Comment 12 for bug 1776533

The change I5029a4b9c76268455812696290aaf82f1a0c2c23 had caused a regression so that
the filter is stopped working and matches nothing.

The postscript command is executed inside of the logrotate-crond container, like this way:

()[root@5c78303fb8c2 /]# /sbin/lsof -nPs +L1 +D /var/log/containers 2>&1 | awk '/\S+\s+[0-9]+\s.*\/var\/log\/.*\(deleted\)/ {print}'
neutron-s 2572 neutron 5w REG 252,1 234 0 8419523 /var/log/neutron/server.log.1 (deleted)
httpd 2862 root 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
glance-ap 3026 glance 3w REG 252,1 131 0 29510206 /var/log/glance/api.log.1 (deleted)
httpd 3192 keystone 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3193 keystone 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3194 keystone 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3194 keystone 11w REG 252,1 2853 0 96570982 /var/log/keystone/keystone.log.1 (deleted)
httpd 3195 keystone 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3195 keystone 11w REG 252,1 2853 0 96570982 /var/log/keystone/keystone.log.1 (deleted)
httpd 3197 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3198 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3199 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3200 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3201 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3202 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3203 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
httpd 3204 48 10w REG 252,1 3287 0 549003 /var/log/httpd/keystone_wsgi_admin_access.log.1 (deleted)
nova-api- 3810 nova 3w REG 252,1 129 0 26281737 /var/log/nova/nova-api-metadata.log.1 (deleted)
neutron-s 5129 neutron 5w REG 252,1 234 0 8419523 /var/log/neutron/server.log.1 (deleted)
neutron-s 5130 neutron 5w REG 252,1 234 0 8419523 /var/log/neutron/server.log.1 (deleted)
neutron-s 5131 neutron 5w REG 252,1 234 0 8419523 /var/log/neutron/server.log.1 (deleted)
neutron-s 5132 neutron 5w REG 252,1 234 0 8419523 /var/log/neutron/server.log.1 (deleted)

So you can see that the real path should be examined for deleted (open and unlined) logs is /var/log/ and not /var/log/containers. The latter is only used to apply the logrotation over the bind-mounted host path. It cannot affect any host logs outside of /var/log/containers, so the change I5029a4b9c76268455812696290aaf82f1a0c2c23 needs to be partially discarded.