I’m still seeing these daily cron errors, which have been raised a few times in the forum but with no resolution.
Quick summary is, the cron command in /etc/cron.d/munin runs as user www-data, but the directory it’s trying to delete is created with user:group, munin:munin, which is causing a “Permission denied” error.
These cron errors are being sent in email to root@box.example.com, which in my case winds up in a catchall account for box.example.com, and I haven’t been checking it, so if you’re wondering if this is happening on your server, try to look for these emails.
On my server, the directory, /var/lib/munin/cgi-tmp has ownership, munin:www-data. The issue seems to be that every directory under this path has ownership munin:munin, so as an experiment, I’ve changed the ownership of every subdir in the tree under cgi-tmp to munin:www-data (permissions are 775 on all directories in this tree, so www-data can now read/write).
I’ll watch it for a few days and see if this resolves the issue.
What I can report now is that for the last 2 days since making this change, the error messages have stopped happening. Also, those sub-directories have been successfully removed by the cron job.
I’ll keep watching it because what I don’t know is if the sub-directories will reappear at some time with the munin:munin ownership again. But so far so good.
For anyone following along and wants to try this solution, here’s the command you can use to change the group ownership of these directories:
sudo chgrp -R www-data /var/lib/munin/cgi-tmp/
This command recursively sets the group to www-data on all files and directories starting at cgi-tmp.
I’d recommend looking around under that directory first to see what all is there (in my case it was just some empty directories) and what the group is currently set to so you can see the effect of the command. But this is completely optional.
After 4 days I’ve had no more cron errors and no directories have reappeared with munin:munin ownership. So, it looks like my change has resolved the issue.
If it starts happening again, I’ll report back, but for now I think this is resolved.