from:"Adrian Jenzer"

Re: [CentOS] Centos 8 crypto-policy to get SSL Labs A rating

2021-07-05 Thread Adrian Jenzer

Hi Paul

Thanks, but how do you "skip the crypto-policy for Apache"?
It seems like crypto-policies configuration is overwriting my values in 
httpd-configuration.
How I enforce the values in httpd.conf ? 

Gregards
Adrian

-Original Message-
From: CentOS  On Behalf Of Paul Heinlein
Sent: Mittwoch, 30. Juni 2021 16:09
To: CentOS mailing list 
Subject: Re: [CentOS] Centos 8 crypto-policy to get SSL Labs A rating

On Wed, 30 Jun 2021, Adrian Jenzer wrote:

> Dear Community
>
> I try to get an SSL Labs A rating for my CentOS8 Apache-server.
> I'am sure it has to do with my lack of understanding the crypto-policies 
> configuration, can anybody give me an advice where i am wrong?
> My understanding is that the configuration in the pmod-file will override the 
> ssl.conf values if PROFILE=SYSTEM is active.

I personally skip the crypto-policy for Apache, relying on a traditional 
httpd.conf stanza instead:

   # ...
   SSLCipherSuite "EECDH+AESGCM:EDH+AESGCM"
   SSLProtocol -all +TLSv1.3 +TLSv1.2

In conjunction with other TLS best practices, these settings seem to do the 
trick (read: Qualys likes them), albeit while excluding some older browsers.

--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 8 crypto-policy to get SSL Labs A rating

2021-06-30 Thread Adrian Jenzer

Dear Community

I try to get an SSL Labs A rating for my CentOS8 Apache-server.
I'am sure it has to do with my lack of understanding the crypto-policies 
configuration, can anybody give me an advice where i am wrong?
My understanding is that the configuration in the pmod-file will override the 
ssl.conf values if PROFILE=SYSTEM is active.


***
# Current runtime policy dump
# DEFAULT:HTTPS
arbitrary_dh_groups = 1
cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 AES-256-CTR AES-256-CBC 
AES-128-GCM AES-128-CCM AES-128-CTR AES-128-CBC
group = X25519 X448 SECP256R1 SECP384R1 SECP521R1 FFDHE-2048 FFDHE-3072 
FFDHE-4096 FFDHE-6144 FFDHE-8192
hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512 SHA2-224 SHA1
ike_protocol = IKEv2
key_exchange = ECDHE DHE DHE-RSA DHE-PSK ECDHE-PSK ECDHE-GSS DHE-GSS
mac = AEAD HMAC-SHA2-256 HMAC-SHA1 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
min_dh_size = 2048
min_dsa_size = 2048
min_dtls_version = DTLS1.2
min_rsa_size = 2048
min_tls_version = TLS1.2
protocol = TLS1.3 TLS1.2 DTLS1.2
sha1_in_certs = 1
sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA3-384 ECDSA-SHA2-384 
ECDSA-SHA3-512 ECDSA-SHA2-512 EDDSA-ED25519 EDDSA-ED448 RSA-PSS-SHA2-256 
RSA-PSS-SHA2-384 RSA-PSS-SHA2-512 RSA-SHA3-256 RSA-SHA2-256 RSA-SHA3-384 RSA-$
ssh_certs = 1
ssh_cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 CAMELLIA-256-GCM 
AES-256-CTR AES-256-CBC CAMELLIA-256-CBC AES-128-GCM AES-128-CCM 
CAMELLIA-128-GCM AES-128-CTR AES-128-CBC CAMELLIA-128-CBC
ssh_etm = 1
ssh_group = X25519 X448 SECP256R1 SECP384R1 SECP521R1 FFDHE-2048 FFDHE-3072 
FFDHE-4096 FFDHE-6144 FFDHE-8192
tls_cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 AES-256-CBC AES-128-GCM 
AES-128-CCM AES-128-CBC

***
cat /etc/crypto-policies/policies/modules/HTTPS.pmod
cipher = 
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
***

Part of /etc/httpd/conf.d/ssl.conf
***
#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

#   List the protocol versions which clients are allowed to connect with.
#   The OpenSSL system profile is used by default.  See
#   update-crypto-policies(8) for more details.
#SSLProtocol all -SSLv3
#SSLProxyProtocol all -SSLv3
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2

#   User agents such as web browsers are not configured for the user's
#   own preference of either security or performance, therefore this
#   must be the prerogative of the web server administrator who manages
#   cpu load versus confidentiality, so enforce the server's cipher order.
SSLHonorCipherOrder on

#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
#   The OpenSSL system profile is configured by default.  See
#   update-crypto-policies(8) for more details.
SSLCipherSuite PROFILE=SYSTEM
#SSLProxyCipherSuite PROFILE=SYSTEM
#SSLCipherSuite HIGH:!aNULL:!MD5
#SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256



Thanks for any hint!
Adrian
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Document/collaboration server advise needed

2018-01-22 Thread Adrian Jenzer



Von: CentOS [centos-boun...@centos.org] im Auftrag von Rainer 
Duffner [rai...@ultra-secure.de]
Gesendet: Montag, 22. Januar 2018 22:08
An: CentOS mailing list
Betreff: Re: [CentOS] Document/collaboration server advise needed

> Am 22.01.2018 um 21:50 schrieb Valeri Galtsev :
>
> Dear All,
>
> Three groups of scientists need to write documents collaboratively. They are 
> going to use MS PowerPoint, Word, also store PDF files. They want to be able 
> to add external people from other groups they collaborate with and give them 
> access to some areas or "projects". In other words, they want some 
> collaborative work environment, mostly to work on documents.
>
> In the past scientists were using TeX, and one of version control systems 
> (CVS, subversion,...). And all was great, as TeX files (pretty much like 
> programs software developers write) are ASCII text files, and diff of two 
> version is rather small...
>
> Unlike the past scientists I work for plan to use MS PowerPoint, Word, also 
> store PDF files. All these are effectively binary files for version control 
> systems, then versions will not be stored as a small diff, but each version 
> ends up being the whole document.
>
> One obvious solution may be: just buy office365.com  
> service, or set up MS server on our own machine. And these are the two things 
> I am trying to avoid.
>
> Could someone recommend open source software? Some collaborative suite 
> focused mostly on working on documents, with web based interface.
>
> I run owncloud server for my Department, and one in general can use that, but 
> I hope to find something more focused towards collaborative work.
>
> Thanks a lot for your advises and pointers.





Well, there’s Collabra Online - 
https://www.collaboraoffice.com/collabora-online/ 
 - but I think it just 
allows you to edit documents on the browser.
It can’t really allow two people editing the same document at the same time and 
then merge it - something that AFAIK Sharepoint can do. At least, I was under 
the impression that it can do that.

You can download their CODE VM and check it out.

For just file-sharing, there’s also SeaFile.

But I see they also integrate with Collabra these days….
https://www.seafile.com/en/features/


For project management, there’s stuff like Project Open 
(http://www.project-open.com  ) - but you have to 
see for yourself if it fits your use-case.


Good luck and keep us updated about what you ended up doing.






___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


Hello Valeri

Check out onlyoffice it's easy to setup and you can then link it to your 
existing owncloud server.
It supports collaborative document editing. 

Regards
Adrian 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] update to Centos7.4: Failed to open \EFI\BOOT\grubx64.efi - Not Found

2018-01-09 Thread Adrian Jenzer

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of 
johan.vermeul...@telenet.be
Sent: Dienstag, 9. Januar 2018 16:34
To: CentOS mailing list
Subject: [CentOS] update to Centos7.4: Failed to open \EFI\BOOT\grubx64.efi - 
Not Found

Hello All, 

updating from Centos7.3 to Centos7.4 rendered one of our laptops unbootable. 
EM: 
Failed to open \EFI\BOOT\grubx64.efi - Not Found 
Failed to load image \EFI\BOOT\grubx64.efi: Not Found 
start_image() returned Not Found 

How could this occur because of an update and how to fix this? 

What I tried is booting from centos usb, chroot to /mnt/sysimage and gave 
command: 
efibootmgr --create --label CentOS --disk /dev/sda1 --loader 
"\EFI\centos\shim.efi" 

This gave no EM, but booting remains impossible. 

I have to say I don't know whether to try grub2 of efibootmgr commands. 

Any help would be very much appreciated. 

Greetings, J. 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Hi Johan

I remember I had a similar issue and I resolved it by copying grubx64.efi from 
/centos :
cp /boot/efi/EFI/centos/grubx64.efi /boot/efi/EFI/BOOT

regards
Adrian
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] scp setup jailed chroot on Centos7

2017-10-24 Thread Adrian Jenzer

That's correct, forgot to mention it. We ended up using SFTP (or at least 
offering it to external).

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of 
rai...@ultra-secure.de
Sent: Dienstag, 24. Oktober 2017 15:24
To: CentOS mailing list
Subject: Re: [CentOS] scp setup jailed chroot on Centos7

Am 2017-10-24 12:19, schrieb Adrian Jenzer:

> Hi Rainer
> I would if I could but external offers only FTP and SCP...
> 
> Regards Adrian

AFAIK, for scp you need a proper shell.

I've done that exactly once (chrooted ssh) and it was such a pain that I 
vowed to never do it again.

The problem is that inside the chroot, you need:

  - nameresolution
  - a minimal passwd/shadow/group file (or ldap)
  - maybe for scp, you can get away with a rather minimal device-tree - 
but for actual SSH access, I needed a fairly complete device tree inside 
the chroot (ttys ...).
  - that was with FreeBSD 10, I never tried it with anything else (due to 
its history with jails, creating functional, limited chroot-environments 
is somewhat in its genes, so to speak)

Somebody sent me the link to these scripts:

https://github.com/codelibre-net/schroot

Maybe you can use those scripts - I've never tried them.

Also, there's scp-only:
https://github.com/scponly/scponly/wiki

Haven't used that in years, either.
Concern over that one seemed to be that it's "another" shell and nobody 
had apparently done a thorough audit of it.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] scp setup jailed chroot on Centos7

2017-10-24 Thread Adrian Jenzer



-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of tbucha...@vinu.edu
Sent: Samstag, 21. Oktober 2017 02:14
To: CentOS mailing list
Subject: Re: [CentOS] scp setup jailed chroot on Centos7

-"CentOS" <centos-boun...@centos.org> wrote: -To: CentOS mailing list 
<centos@centos.org>
From: Rainer Duffner 
Sent by: "CentOS" 
Date: 10/20/2017 08:00PM
Subject: Re: [CentOS] scp setup jailed chroot on Centos7

> Am 20.10.2017 um 15:58 schrieb Adrian Jenzer <a.jen...@herzogdemeuron.com>:
> 
> Dear all
> 
> I'm looking for instructions on how to setup a jailed chroot directory for 
> user which needs to upload via scp to the server.
> Especially I miss clear instructions about what needs to be in the jailed 
> directory available, like binaries, libraries, etc...
> Without jail I get it to work, but I want to prevent user downloading for 
> example /etc folder from the server.
> 
> Does anybody have a link or list valid for Centos7
> 



Cant you use SFTP?

AFAIK, sftp automatically chroots a user with no valid shell (provided the home 
directory is owned by root and not writeable by the user and you use Subsystem 
internal-sftp).



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


https://github.com/mysecureshell/mysecureshell
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


Thanks for this. Didn't know about it. And setup is pretty straight forward. 
The repo for Centos6 works with 7 too.

[mysecureshell]
name=MySecureShell
baseurl=http://mysecureshell.free.fr/repository/index.php/centos/6.4/
enabled=1
gpgcheck=0


regards Adrian

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] scp setup jailed chroot on Centos7

2017-10-24 Thread Adrian Jenzer



-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Rainer Duffner
Sent: Samstag, 21. Oktober 2017 00:41
To: CentOS mailing list
Subject: Re: [CentOS] scp setup jailed chroot on Centos7


> Am 20.10.2017 um 15:58 schrieb Adrian Jenzer <a.jen...@herzogdemeuron.com>:
> 
> Dear all
> 
> I'm looking for instructions on how to setup a jailed chroot directory for 
> user which needs to upload via scp to the server.
> Especially I miss clear instructions about what needs to be in the jailed 
> directory available, like binaries, libraries, etc...
> Without jail I get it to work, but I want to prevent user downloading for 
> example /etc folder from the server.
> 
> Does anybody have a link or list valid for Centos7
> 



Can’t you use SFTP?

AFAIK, sftp automatically chroots a user with no valid shell (provided the home 
directory is owned by root and not writeable by the user and you use Subsystem 
internal-sftp).



Hi Rainer
I would if I could but external offers only FTP and SCP...

Regards Adrian
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] scp setup jailed chroot on Centos7

2017-10-20 Thread Adrian Jenzer

Dear all

I'm looking for instructions on how to setup a jailed chroot directory for user 
which needs to upload via scp to the server.
Especially I miss clear instructions about what needs to be in the jailed 
directory available, like binaries, libraries, etc...
Without jail I get it to work, but I want to prevent user downloading for 
example /etc folder from the server.

Does anybody have a link or list valid for Centos7


Thanks
Regards Adrian

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 7 as a Hyper-V guest and Integration Services

2017-01-30 Thread Adrian Jenzer

Dear all

I'm running a Centos 7.3 as a Hyper-V guest on Windows Server 2012R2. Actually 
everything works fine but I'm still wondering if I do everything right 
regarding Linux Integration Services.

When I installed Centos 7 I didn't installed any LIS package or so as I 
understood it's built-in.
How are you handling this?
Is it recommended to install/update to the latest LIS from Microsoft provided 
as ISO or do I need to install the hyperv-daemons?


Currently my system reports:
[root@share ~]# lsmod | grep hv
hv_utils   24418  2
hv_storvsc 18032  6
hv_netvsc  40261  0
hv_vmbus  397185  6 
hyperv_keyboard,hv_netvsc,hid_hyperv,hv_utils,hyperv_fb,hv_storvsc

and I think this time shifts on rebbots are related to missing LIS (?):
[root@share ~]# last
root pts/0172.16.4.103   Mon 
Jan 30 12:14   still logged in
(unknown :0   :0
Sun Jan 29 03:59   still logged in
reboot   system boot  3.10.0-514.6.1.eFri Feb  3 15:55 - 
12:14 (-4+-3:-41)
root pts/0172.16.4.128   Fri 
Jan 27 15:24 - 15:57  (00:33)
root pts/0172.16.4.128   Fri 
Jan 27 12:22 - 12:49  (00:27)
root pts/0172.16.4.128   Mon 
Jan 23 13:53 - 14:00  (00:07)
(unknown :0   :0
Mon Jan 23 13:53 - 02:00 (5+12:06)
reboot   system boot  3.10.0-514.6.1.eTue Jan 24 23:41 - 
02:00 (4+02:18)
root pts/0172.16.4.128   Mon 
Jan 23 13:36 - down   (00:15)
administ pts/0172.16.4.128  Mon Jan 23 
12:44 - 13:00  (00:15)
(unknown :0   :0
Sun Jan 22 03:56 - 13:52 (1+09:55)
reboot   system boot  3.10.0-514.2.2.eFri Jan 27 17:31 - 
13:52 (-4+-3:-38)
root pts/1172.16.4.117   Mon 
Jan 16 12:20 - 13:28  (01:07)

Do you also get this Warnings in Hyper-V Event Viewer?:

Device 'Microsoft Synthetic Display Controller' in 'SHARE' is loaded but has a 
different version from the server.  Server version 3.3 Client version 3.2 
(Virtual machine ID C2D0C208-BC00-4E73-8AF1-DA595FE6ECE7). The device will 
work, but this is an unsupported configuration. This means that technical 
support will not be provided until this problem is resolved. To fix this 
problem, upgrade the integration services. To upgrade, connect to the virtual 
machine and select Insert Integration Services Setup Disk from the Action menu.


Thanks
best
Adrian

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache logs missing

2016-04-28 Thread Adrian Jenzer

It looks like logrotate changed behaviour and started to delete old logs 
instead of compressing them.
As you can see it just wiped away the one from 20160327, and that with all 
configs on default.
Does someone know how to fix this??

-rw-r--r-- 1 root root  357256 Dec 14 03:15 ssl_access_log-20151214.gz
-rw-r--r-- 1 root root  354106 Dec 20 03:38 ssl_access_log-20151220.gz
-rw-r--r-- 1 root root  204874 Dec 28 03:41 ssl_access_log-20151228.gz
-rw-r--r-- 1 root root   13621 Jan  3 03:05 ssl_access_log-20160103.gz
-rw-r--r-- 1 root root 4345075 Apr  4 03:40 ssl_access_log-20160404
-rw-r--r-- 1 root root 4743540 Apr 10 03:04 ssl_access_log-20160410
-rw-r--r-- 1 root root 6064766 Apr 22 17:45 ssl_access_log-20160422
-rw-r--r-- 1 root root   35837 Apr 25 11:00 ssl_access_log-20160426

On the prod-server I added now "rotate 300" to /etc/logroate.d/httpd to prevent 
losing more logs. It keeps the logs now but doesn't compress them anymore.

Thanks
Regards Adrian

-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of 
James Washington
Sent: Donnerstag, 21. April 2016 17:16
To: CentOS mailing list
Subject: Re: [CentOS] Apache logs missing

Adrian,

I’ve had huge problems with log rotate recently. For some reason, since the 
period you have mentioned, I have to restart rsyslog on my CentOS 6.7 servers 
after logrotate runs either through a cronjob or manually (even on the standard 
config). I’m not sure if you’ve experienced this to or whether they are linked 
- but there’s definitely been issues since January with logrotate. 

Kindest regards,

James Washington

On 21 April 2016 at 16:00:39, Adrian Jenzer (a.jen...@herzogdemeuron.com) wrote:

Hi all  

I just saw that I miss some log files in /var/log/httpd. There is a gap in 
January/February2016, no logs are available for this period.  
It seemed to work fine with the earlier logs as you can see.  
Has someone an explanation for this?  

It's a Centos 7.2 VM with Apache 2.4 running ownCloud only. Default logrotate 
config.  

-rw-r--r-- 1 root root 3367604 Apr 20 16:12 ssl_access_log  
-rw-r--r-- 1 root root 67982 Jul 12 2015 ssl_access_log-20150712.gz  
-rw-r--r-- 1 root root 43515 Jul 18 2015 ssl_access_log-20150719.gz  
-rw-r--r-- 1 root root 36096 Jul 26 2015 ssl_access_log-20150727.gz  
-rw-r--r-- 1 root root 25088 Aug 1 2015 ssl_access_log-20150802.gz  
-rw-r--r-- 1 root root 12733 Aug 9 2015 ssl_access_log-20150810.gz  
-rw-r--r-- 1 root root 89873 Aug 15 2015 ssl_access_log-20150816.gz  
-rw-r--r-- 1 root root 70627 Aug 23 2015 ssl_access_log-20150823.gz  
-rw-r--r-- 1 root root 91576 Aug 31 2015 ssl_access_log-20150831.gz  
-rw-r--r-- 1 root root 218188 Sep 6 2015 ssl_access_log-20150906.gz  
-rw-r--r-- 1 root root 181084 Sep 14 2015 ssl_access_log-20150914.gz  
-rw-r--r-- 1 root root 247666 Sep 20 2015 ssl_access_log-20150920.gz  
-rw-r--r-- 1 root root 221203 Sep 28 2015 ssl_access_log-20150928.gz  
-rw-r--r-- 1 root root 173962 Oct 4 2015 ssl_access_log-20151004.gz  
-rw-r--r-- 1 root root 131480 Oct 11 2015 ssl_access_log-20151011.gz  
-rw-r--r-- 1 root root 141485 Oct 19 2015 ssl_access_log-20151019.gz  
-rw-r--r-- 1 root root 89379 Oct 25 03:37 ssl_access_log-20151025.gz  
-rw-r--r-- 1 root root 149943 Nov 1 13:30 ssl_access_log-20151102.gz  
-rw-r--r-- 1 root root 150219 Nov 8 03:11 ssl_access_log-20151108.gz  
-rw-r--r-- 1 root root 131524 Nov 14 20:13 ssl_access_log-20151115.gz  
-rw-r--r-- 1 root root 153841 Nov 22 03:42 ssl_access_log-20151122.gz  
-rw-r--r-- 1 root root 134209 Nov 29 23:41 ssl_access_log-20151130.gz  
-rw-r--r-- 1 root root 336448 Dec 6 03:11 ssl_access_log-20151206.gz  
-rw-r--r-- 1 root root 357256 Dec 14 03:15 ssl_access_log-20151214.gz  
-rw-r--r-- 1 root root 354106 Dec 20 03:38 ssl_access_log-20151220.gz  
-rw-r--r-- 1 root root 204874 Dec 28 03:41 ssl_access_log-20151228.gz  
-rw-r--r-- 1 root root 13621 Jan 3 03:05 ssl_access_log-20160103.gz  
-rw-r--r-- 1 root root 4385823 Mar 27 04:19 ssl_access_log-20160327  
-rw-r--r-- 1 root root 4345075 Apr 4 03:40 ssl_access_log-20160404  
-rw-r--r-- 1 root root 4743540 Apr 10 03:04 ssl_access_log-20160410  
-rw-r--r-- 1 root root 6065044 Apr 17 03:20 ssl_access_log-20160417  



Regards  
Adrian Jenzer  

___  
CentOS mailing list  
CentOS@centos.org  
https://lists.centos.org/mailman/listinfo/centos  
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Apache logs missing

2016-04-21 Thread Adrian Jenzer

Hi all

I just saw that I miss some log files in /var/log/httpd. There is a gap in 
January/February2016, no logs are available for this period.
It seemed to work fine with the earlier logs as you can see.
Has someone an explanation for this?

It's a Centos 7.2 VM with Apache 2.4 running ownCloud only. Default logrotate 
config.

-rw-r--r--   1 root root 3367604 Apr 20 16:12 ssl_access_log
-rw-r--r--   1 root root   67982 Jul 12  2015 ssl_access_log-20150712.gz
-rw-r--r--   1 root root   43515 Jul 18  2015 ssl_access_log-20150719.gz
-rw-r--r--   1 root root   36096 Jul 26  2015 ssl_access_log-20150727.gz
-rw-r--r--   1 root root   25088 Aug  1  2015 ssl_access_log-20150802.gz
-rw-r--r--   1 root root   12733 Aug  9  2015 ssl_access_log-20150810.gz
-rw-r--r--   1 root root   89873 Aug 15  2015 ssl_access_log-20150816.gz
-rw-r--r--   1 root root   70627 Aug 23  2015 ssl_access_log-20150823.gz
-rw-r--r--   1 root root   91576 Aug 31  2015 ssl_access_log-20150831.gz
-rw-r--r--   1 root root  218188 Sep  6  2015 ssl_access_log-20150906.gz
-rw-r--r--   1 root root  181084 Sep 14  2015 ssl_access_log-20150914.gz
-rw-r--r--   1 root root  247666 Sep 20  2015 ssl_access_log-20150920.gz
-rw-r--r--   1 root root  221203 Sep 28  2015 ssl_access_log-20150928.gz
-rw-r--r--   1 root root  173962 Oct  4  2015 ssl_access_log-20151004.gz
-rw-r--r--   1 root root  131480 Oct 11  2015 ssl_access_log-20151011.gz
-rw-r--r--   1 root root  141485 Oct 19  2015 ssl_access_log-20151019.gz
-rw-r--r--   1 root root   89379 Oct 25 03:37 ssl_access_log-20151025.gz
-rw-r--r--   1 root root  149943 Nov  1 13:30 ssl_access_log-20151102.gz
-rw-r--r--   1 root root  150219 Nov  8 03:11 ssl_access_log-20151108.gz
-rw-r--r--   1 root root  131524 Nov 14 20:13 ssl_access_log-20151115.gz
-rw-r--r--   1 root root  153841 Nov 22 03:42 ssl_access_log-20151122.gz
-rw-r--r--   1 root root  134209 Nov 29 23:41 ssl_access_log-20151130.gz
-rw-r--r--   1 root root  336448 Dec  6 03:11 ssl_access_log-20151206.gz
-rw-r--r--   1 root root  357256 Dec 14 03:15 ssl_access_log-20151214.gz
-rw-r--r--   1 root root  354106 Dec 20 03:38 ssl_access_log-20151220.gz
-rw-r--r--   1 root root  204874 Dec 28 03:41 ssl_access_log-20151228.gz
-rw-r--r--   1 root root   13621 Jan  3 03:05 ssl_access_log-20160103.gz
-rw-r--r--   1 root root 4385823 Mar 27 04:19 ssl_access_log-20160327
-rw-r--r--   1 root root 4345075 Apr  4 03:40 ssl_access_log-20160404
-rw-r--r--   1 root root 4743540 Apr 10 03:04 ssl_access_log-20160410
-rw-r--r--   1 root root 6065044 Apr 17 03:20 ssl_access_log-20160417



Regards
Adrian Jenzer

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 8 crypto-policy to get SSL Labs A rating

[CentOS] Centos 8 crypto-policy to get SSL Labs A rating

Re: [CentOS] Document/collaboration server advise needed

Re: [CentOS] update to Centos7.4: Failed to open \EFI\BOOT\grubx64.efi - Not Found

Re: [CentOS] scp setup jailed chroot on Centos7

Re: [CentOS] scp setup jailed chroot on Centos7

Re: [CentOS] scp setup jailed chroot on Centos7

[CentOS] scp setup jailed chroot on Centos7

[CentOS] Centos 7 as a Hyper-V guest and Integration Services

Re: [CentOS] Apache logs missing

[CentOS] Apache logs missing

11 matches

Site Navigation

Mail list logo

Footer information