Package: debian-edu-config Version: 2.12.36 The size of log files on client machines should be limited more aggressively, on a minimal or workstation install the following log files have the potential to grow and to potentially enlarge and then fill up the root partition:
- /var/log/auth.log - /var/log/boot.log - /var/log/cron.log - /var/log/kern.log - /var/log/mail.log - /var/log/user.log - /var/log/syslog - /var/log/cups/access.log - /var/log/cups/error.log - /var/log/exim4/mainlog - /var/log/munin/munin-node.log - persistent systemd-journal The first thing is that everything is logged three times, once in the persistent journal locally, once in the rsyslog-configured log files, and once remotely on the main server. Possible solutions for minimal and workstation profiles: - limit what is logged locally by either a) making the journal non-persistent b) or keeping the journal persistent, limit its size but configure rsyslog to forward only the current default journal size limit is between 10% of free disk space and 4 GB c) or making the journal non-persistent and configure rsyslog to forward only - run logrotate hourly instead of daily For the portable-workstation profile local logs need to be kept but we should do so either using the persistent journal or rsyslog log files but not both. I am leaning towards option b) since the persistent journal is already the default and it is simple to apply an absolute limit for everything logged through syslog. This would be suitable for the portable profile as well. Suggestions? -- Guido Berhoerster