I use Symfony v5.4 with Monolog, which is set up (for less important logs) to do the automatic log rotating (monolog's rotating_file option).
The issue is that, in the production mode, on live server, when Monolog rotates such file (creates a new file for the next day), it creates the new file as a root:root.
All the other log files in that folder are created as apache:apache. Even if some log file does not already exist, and Symfony wants to auto-create it when needed, it would be created as apache user.
The Apache2 runs as the apache user, so it has no issues writing to the regular log files, but obviously when it tries writing to the new auto-rotated by Monolog, the root:root's file, it fails.
I suppose that some process that is actually performing the rotation is running as a root, but - which process is that? How is this Monolog's work scheduled to be processed daily? I didn't duck-ducked any details about it.
Symfony itself is called through Apache, which runs as apache.
This can come from a cronjob as root or a command ran with
sudo. This can create files if they are not existing. They have root owner, so apache can't access them.