if the file /usr/share/nginx/off exists and is an nginx error log file it can grow unchecked as it is outside of the log rotation from both the systemd configuration and/ or the logrotate program.
if this file exists an error_log directive is misbehaving in the nginx configuration.
nginx -Tlists all the directives found in config files so a quick grep for error_log should find the incorrect entry set to “off” as below.
# nginx -T | grep error_log | grep -i off
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
error_log off;Unlike the access_log directive, the value “off” does not disable error logging. From the nginx documentation:
| Syntax: | error_log file [level]; |
|---|---|
| Default: | error_log logs/error.log error; |
| Context: | main, http, mail, stream, server, location |
if the file path is accessible entering “off” sets nginx to log to a file called "off" in the /usr/share/nginx directory. Likewise it is possible to have /usr/share/nginx/false or any other valid filename. On Ubuntu ownership is by www-data but with a group of root. nginx is compiled by default with a path prefix of
--prefix=/usr/share/nginx
disable error logging correctly with the following
error_log /dev/null crit;logging only the less frequent critical errors passes anything to null. Restarting nginx is required.
Relative error log paths are from the compiled prefix and not under /var/log. The error message is helpful for example setting:
error_log logs/error.log ;results in…
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] open() "/usr/share/nginx/logs/error.log" failed (2: No such file or directory)It appears the nginx does not create a folder structure itself for log file storage and does not drop root permissions before writing to the error log.