BUG: fix logrotate ownership options

The packaged configuration for logrotate falsely contained options applying to other programs' log files. This caused wrong ownerships of log files.
This issues is corrected, but the ownership of affected log files may need to be changed manually.
To find affected files, you may use:
```bash
sudo find /var/log/ -user intelmq ! -path \*intelmq\*
```

fixes #2110

Author: Sebastian Wagner

CHANGELOG.md

@@ -59,6 +59,7 @@ CHANGELOG
 ### Tools
 
 ### Contrib
+- logrotate: Move compress and ownership rules to the IntelMQ-blocks to prevent that they apply to other files (PR#2111 by Sebastian Wagner, fixes #2110).
 
 ### Known issues
 

NEWS.md

@@ -22,6 +22,14 @@ The field names for all data added to messages must match a pre-defined format.
 The check which ensures this, was ineffective prior to this version and is effective again starting with version 3.1.0.
 The [Data format documentation](https://intelmq.readthedocs.io/en/maintenance/dev/data-format.html#rules-for-keys) describes the required format.
 
+### Logrotate
+The packaged configuration for logrotate falsely contained options applying to other programs' log files. This caused wrong ownerships of log files.
+This issues is corrected, but the ownership of affected log files may need to be changed manually.
+To find affected files, you may use:
+```bash
+sudo find /var/log/ -user intelmq ! -path \*intelmq\*
+```
+
 ### Configuration
 
 ### Libraries

contrib/logrotate/intelmq

@@ -1,13 +1,12 @@
-compress
-delaycompress
-create 644 intelmq intelmq
-
 /opt/intelmq/var/log/*.log {
     su intelmq intelmq
     daily
     maxsize 10M
     rotate 60
     notifempty
+    compress
+    delaycompress
+    create 644 intelmq intelmq
     sharedscripts
     postrotate
         sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload
@@ -20,6 +19,9 @@ create 644 intelmq intelmq
     maxsize 10M
     rotate 60
     notifempty
+    compress
+    delaycompress
+    create 644 intelmq intelmq
     sharedscripts
     postrotate
         sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload file-output

debian/patches/fix-logrotate-path.patch

@@ -1,21 +1,18 @@
 Description: Fix paths in logrotate configuration to obey FHS
 Author: Gernot Schulz <gernot@intevation.de>, Sebastian Wagner <wagner@cert.at>
-Last-Update: 2021-03-03
+Last-Update: 2021-09-14
 ---
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
---- a/contrib/logrotate/intelmq	2021-03-03 11:08:37.811638328 +0100
-+++ b/contrib/logrotate/intelmq	2021-03-03 11:09:27.415930805 +0100
-@@ -2,7 +2,7 @@
- delaycompress
- create 644 intelmq intelmq
- 
+--- a/contrib/logrotate/intelmq
++++ b/contrib/logrotate/intelmq
+@@ -1,4 +1,4 @@
 -/opt/intelmq/var/log/*.log {
 +/var/log/intelmq/*.log {
      su intelmq intelmq
      daily
      maxsize 10M
-@@ -10,11 +10,11 @@
-     notifempty
+@@ -9,11 +9,11 @@
+     create 644 intelmq intelmq
      sharedscripts
      postrotate
 -        sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload
@@ -28,8 +25,8 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
      su intelmq intelmq
      daily
      maxsize 10M
-@@ -22,6 +22,6 @@
-     notifempty
+@@ -24,6 +24,6 @@
+     create 644 intelmq intelmq
      sharedscripts
      postrotate
 -        sudo -u intelmq /usr/local/bin/intelmqctl --quiet reload file-output