On Tue, 21 Aug 2012, Kevin Longfellow wrote:
Hi,
Forgive me for being dense but when does log rotation happen using
kdc_rotate if period = 1d? I have tried using logrotate but it loses
some data and now am trying kdc_rotate and admin_server_rotate in
krb5.conf. This is MIT Kerberos version 1.7.2. Ideally I'd like the
logs to always rotate every day but if I can understand what the below
is trying to tell me perhaps this will be acceptable. Thanks, Kevin
"The following relations can be specified for the kdc_rotate relation
subsection: period=delta_time Specifies the time interval before a new
log file is created. See the TimeFormats section in kinit(1) for the
valid time duration formats you can specify for delta_time. If period
is not specified or set to never, no rotation occurs. Specifying a time
interval does not mean that the log files are rotated at the time
interval based on real time. This is because the time interval is
checked at each attempt to write a record to the log, or when logging is
actually occurring. Therefore, rotation occurs only when logging has
actually occurred for the specified time interval."
Not quite sure what that last sentence means?
It means that the server process does not wake up periodically and check
"should I rotate the log now?" -- instead, the server process does not
do anything with the log until it actually has an entry to write to the
log. Before writing to the log, though, it checks whether the log should
be rotated (and does so if necessary).
So, if you get enough traffic that you have something logged each day,
then your logfiles will get rotated each day. If you have very low
traffic, then the logs might go multiple days without getting rolled.
-Ben Kaduk
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
