Package: logrotate
Version: 3.7.1-3
Severity: normal
Tags: patch

Hello,

Context #1: for privacy reasons, there is some work being done to allow a Debian system administrator to disable, "the Debian way", login records book-keeping, rather than relying on ugly hacks. This bug report is a first step on the way to make this possible.

Context #2: the files /var/log/{btmp,wtmp} gather privacy-sensitive data. According to wtmp's and lastb's manpages, the standard way to disable such logging is to simply delete these files (no program should ever create them if they do not exist yet).

Well. On a current Lenny system, /var/log/{btmp,wtmp} may be created automatically in two places:
- the default /etc/logrotate.conf makes logrotate create them monthly if they do not exist yet, with appropriate owner and permissions;
- the base-files package unconditionally creates/chown/chmod them on postinst.

IMHO, this code duplication is a problem:
- it does not do any good that I can think of;
- it increases the risk of incoherence between the two ways (permissions, owner) these files are created;
- it makes it hard for us to properly offer a sysadmin the possibility to disable login book-keeping: it currently requires him/her to configure/hack the same thing in two places, and it would require us (privacy-related CDD developers) to render the same thing easily configurable in two places.

We then have to choose one, and only one, of these places to be responsible for creating (or not) /var/log/{btmp,wtmp}.

As base-files is in Essential, some minimal Debian systems without logrotate may depend on the fact that these files have been created. For backward-compatibility reasons, these files should then be created by base-files, and not by logrotate.

That's why I'm suggesting disabling the creation of /var/log/{btmp,wtmp} in the default /etc/logrotate.conf; the attached patch to the shipped logrotate.conf does so.

Bye,
--
intrigeri <[EMAIL PROTECTED]>
| gnupg key @ http://gaffer.boum.org/intrigeri/intrigeri.asc
| The impossible just takes a bit longer.

--- logrotate.conf.orig 2008-06-28 12:20:05.546972345 +0200 +++ logrotate.conf 2008-06-28 12:20:20.233619534 +0200 @@ -18,14 +18,14 @@ /var/log/wtmp { missingok monthly - create 0664 root utmp + nocreate rotate 1 } /var/log/btmp { missingok monthly - create 0664 root utmp + nocreate rotate 1 }
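
Review bot: In both the /var/log/wtmp and /var/log/btmp stanzas, `nocreate` together with `monthly` and `rotate 1` means that after logrotate rotates the file nothing puts a fresh one in its place (unless copytruncate is set elsewhere in the file, which this hunk does not show), and per the report base-files only creates these files in its postinst. On a system that does want login records, the files would be absent after the first monthly rotation and stay absent until base-files is next configured, so records would stop without any notice to the administrator. Please either document this behaviour in a comment next to each `nocreate` line, or make sure the single owner of these files recreates them outside of postinst before the default is changed.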