Log rotation / newsyslog / apache not reloaded
Hello, I have the following lines in my /etc/newsyslog.conf /var/log/*-access.log 644 30*@T00 JCG /var/log/*-error.log644 30*@T00 JCG Man newsyslog.conf says: If this field (signal_number) is not present, then a SIGHUP signal will be sent. My problem is that while the apache logs are rotated as specified in the newsyslog.conf file, the apache server is not reloaded which causes it to write log entries to the now compressed files. Which flag should I specify to make sure apache is reloaded during log rotation? Thank you very much in advance! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Log rotation / newsyslog / apache not reloaded
On 15 Apr 2010 at 8:30, Zbigniew Szalbot wrote: Hello, I have the following lines in my /etc/newsyslog.conf /var/log/*-access.log 644 30*@T00 JCG /var/log/*-error.log644 30*@T00 JCG I added /var/run/httpd.pid at the end of both lines and will see if that helps. Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Log rotation / newsyslog / apache not reloaded
On 2010-04-15 12:08, Zbigniew Szalbot wrote: On 15 Apr 2010 at 8:30, Zbigniew Szalbot wrote: Hello, I have the following lines in my /etc/newsyslog.conf /var/log/*-access.log 644 30*@T00 JCG /var/log/*-error.log644 30*@T00 JCG I added /var/run/httpd.pid at the end of both lines and will see if that helps. Zbigniew Szalbot Alternatively you can use sysutils/cronolog which will eliminate the need to restart Apache entirely. Apache's configuration file allows you to pipe your logs to sysutils/cronolog (or any other external program) which in turn can be configured to split the logs almost any way you like. This is very convenient, especially if you run many vhosts which normally will turn nywsyslog.conf into a mess. The man page explains it in detail. http://cronolog.org/download/cronolog.pdf Regards Morgan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Log rotation / newsyslog / apache not reloaded
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 15/04/2010 11:08:14, Zbigniew Szalbot wrote: On 15 Apr 2010 at 8:30, Zbigniew Szalbot wrote: Hello, I have the following lines in my /etc/newsyslog.conf /var/log/*-access.log 644 30*@T00 JCG /var/log/*-error.log644 30*@T00 JCG I added /var/run/httpd.pid at the end of both lines and will see if that helps. I use this: /var/log/httpd-access.log 644 3 100 * J /var/run/httpd.pid 30 /var/log/httpd-error.log 644 3 100 * J /var/run/httpd.pid 30 Signal 30 (SIGUSR1) causes Apache to do a graceful restart which is less disruptive for anyone using the web site, but it can result in a few log records being lost during the restart. If you're going to be running a busy website, then it's better to use rotatelogs(1) (comes with apache) or cronolog(1) (in ports) to cycle the log files. Neither of those handles compressing or deleteing old log files, but a trivial cron job will deal with that. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvG6vkACgkQ8Mjk52CukIw4UgCfaMG9vpDTeMAvhCQ+MaBlgTEh EbMAmgOI246i1nFgb7EuM6qVBbXqGVC8 =Tama -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
apache halting during log rotation
I have the following in my newsyslog.conf /var/log/httpd-*.log644 9 8@T01BG /var/run/httpd.pid 30 and am seeing crashes with apache-2.0.63_2 which I think are associated. The relevant error log entries appear to be these lines [Thu Apr 02 01:00:00 2009] [notice] Graceful restart requested, doing restart [Thu Apr 02 01:00:00 2009] [emerg] (2)No such file or directory: Couldn't initialize cross-process lock in child [Thu Apr 02 01:00:00 2009] [emerg] (2)No such file or directory: Couldn't initialize cross-process lock in child [Thu Apr 02 01:00:00 2009] [notice] FastCGI: process manager initialized (pid 93707) [Thu Apr 02 01:00:01 2009] [warn] RSA server certificate CommonName (CN) `*.xxx.org' does NOT match server name!? [Thu Apr 02 01:00:01 2009] [warn] RSA server certificate CommonName (CN) `*.xxx.org' does NOT match server name!? ... [Thu Apr 02 01:00:01 2009] [warn] RSA server certificate wildcard CommonName (CN) `*.xxx.org' does NOT match server name!? [Thu Apr 02 01:00:01 2009] [notice] Apache/2.0.63 (FreeBSD) mod_fastcgi/2.4.6 mod_ssl/2.0.63 OpenSSL/0.9.8e configured -- resuming normal operations [Thu Apr 02 01:00:01 2009] [alert] Child 93701 returned a Fatal error... Apache is exiting! [Thu Apr 02 01:00:01 2009] [alert] FastCGI: read() from pipe failed (0) [Thu Apr 02 01:00:01 2009] [alert] FastCGI: the PM is shutting down, Apache seems to have disappeared - bye I have used this rotation scheme with 6.0/6.1/6.2 for some years and it has never failed till the last few days when I'm now running 7.0-RELEASE. Can anyone adivise what could be done to ameliorate this. I see mention of rotatelogs, is that a better solution to this problem? -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [squid-users] log rotation
Hello, On Wed, 25 Jul 2007 18:50:27 +0545, Tek Bahadur Limbu [EMAIL PROTECTED] wrote: Zbigniew Szalbot wrote: Hello, I have looked at wiki but cannot find information about log rotation (access store logs). How can I do this? Or is it simply a matter of defining log rotation in newsyslog.conf (I am on a FreeBSD system)? Hi Zbigniew, Go to: (1.) cd /usr/ports/sysutils/logrotate (2.) make install clean (3.) cd /usr/local/etc (4.) vi /usr/local/etc/logrotate.conf Put the following in logrotate.conf Thank you very much indeed! But I managed in a (I think simpler way by adding /usr/local/squid/logs/access.logsquid:squid 644 7 * @T00 J /usr/local/squid/logs/squid.pid 30 to newsyslog.conf But I appreciate such a thorough description! Warm regards, Zbigniew Szalbot # Start of logrotate.conf ### # rotate log files weekly #weekly daily # keep 4 weeks worth of backlogs rotate 7 # send errors to root #errors root # create new (empty) log files after rotating old ones create # uncomment this if you want your log files compressed compress # RPM packages drop log rotation information into this directory include /usr/local/etc/logrotate.d /var/log/lastlog { monthly rotate 12 } End of logrotate.conf ## (5.) mkdir -p /usr/local/etc/logrotate.d/ (6.) cd /usr/local/etc/logrotate.d/ (7.) vi /usr/local/etc/logrotate.d/squid Put the following: ###Start of squid# /var/log/squid/access.log { daily rotate 90 copytruncate compress notifempty missingok } /var/log/squid/cache.log { daily rotate 7 copytruncate compress notifempty missingok } (8.) /usr/local/sbin/logrotate -d /usr/local/etc/logrotate.conf (9.) /usr/local/sbin/logrotate -f /usr/local/etc/logrotate.conf If some errors are reported, it's normal, just create or touch the relevant files or directories. (10.) vi /etc/crontab Put the following: 0 1 * * * root/usr/local/sbin/logrotate /usr/local/etc/logrotate.conf /dev/null 21 (11.) If all works well, you are good to go!!! Of course, the other simple way of doing this is to run: squid -k rotate from /etc/crontab 0 1 * * * root squid -k rotate Thanking you... Thank you! -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
log rotation recommendations
Hello, Having recently moved from Linux (SuSE) to FreeBSD (6.2-p3) I'm wondering what the recommended way of rotating logs (principally postfix and apache). I see that logrotate, with which I'm familiar, is in ports. I also see that there is a file /etc/newsyslog.conf, but it looks like newsyslog(8) only knows about HUPping syslogd. If there is no conventional BSD way of doing this, I'll just install logrotate and go with what I know, but I thought I would check here first. Thanks, -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation recommendations
Jeffrey Goldberg wrote: Having recently moved from Linux (SuSE) to FreeBSD (6.2-p3) I'm wondering what the recommended way of rotating logs (principally postfix and apache). I see that logrotate, with which I'm familiar, is in ports. I also see that there is a file /etc/newsyslog.conf, but it looks like newsyslog(8) only knows about HUPping syslogd. Not so. The optional 7th field in /etc/newsyslog.conf can contain a file name to read a PID out of: that PID will be signalled when the log is rotated. The optional 8th column can contain the signal number to use -- by default SIGHUP is sent. The newsyslog.conf(5) man page explains all this in great detail. Certainly for apache, you might alternatively consider the use of rotatelogs(8) (comes with apache) or cronolog(8) (in ports as sysutils/cronolog). Or, indeed, logrotate if that's what you prefer. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: log rotation recommendations
Matthew Seaman skrev: Jeffrey Goldberg wrote: Having recently moved from Linux (SuSE) to FreeBSD (6.2-p3) I'm wondering what the recommended way of rotating logs (principally postfix and apache). I see that logrotate, with which I'm familiar, is in ports. I also see that there is a file /etc/newsyslog.conf, but it looks like newsyslog(8) only knows about HUPping syslogd. Not so. The optional 7th field in /etc/newsyslog.conf can contain a file name to read a PID out of: that PID will be signalled when the log is rotated. The optional 8th column can contain the signal number to use -- by default SIGHUP is sent. The newsyslog.conf(5) man page explains all this in great detail. Certainly for apache, you might alternatively consider the use of rotatelogs(8) (comes with apache) or cronolog(8) (in ports as sysutils/cronolog). Or, indeed, logrotate if that's what you prefer. It is also possible to put a call for newsyslog within a script. Then you can do your preferred preprocessing, call newsyslog with a specialized config for the event, which should take care of HUPing the application, and then do postprocessing like moving files to folders, renaming to include the date or whatever. Regards, Lars Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation recommendations
Hello Jeffrey, I am not familiar with logrotate but my newsyslog.conf rotates whatever I want just fine. As an example I have this for a small almost unused apache: /var/log/httpd-access.log 644 7 1000 24B /var/run/httpd.pid 30 /var/log/httpd-error.log644 7 1000 24B /var/run/httpd.pid 30 You might want to adjust size settings etc and this can be found in the man page for newsyslog.conf. Good luck! Jeffrey Goldberg skrev: Hello, Having recently moved from Linux (SuSE) to FreeBSD (6.2-p3) I'm wondering what the recommended way of rotating logs (principally postfix and apache). I see that logrotate, with which I'm familiar, is in ports. I also see that there is a file /etc/newsyslog.conf, but it looks like newsyslog(8) only knows about HUPping syslogd. If there is no conventional BSD way of doing this, I'll just install logrotate and go with what I know, but I thought I would check here first. Thanks, -j --Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.446 / Virus Database: 268.18.17/731 - Release Date: 2007-03-23 15:27 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Apache log rotation question...
I am using cronolog to handle the logging end of apache. Cronolog basically takes care of the logging for apache, allowing you much more flexibility with the logging options. Assuming.. 1. You have cronolog installed 2. /path/to/your/logs/vhost1/ is a valid path A sample Apache config line would read (main or virtual host context): ErrorLog |cronolog /path/to/your/logs/vhost1/%Y%m%d_error.log CustomLog |cronolog /path/to/your/logs/vhost1/%Y%m%d_access.log combined I this example, you will generate logs with the names 20061108_error.log and 20061108_access.log respectively and each day (midnight server time) cronolog will auto-gen new ones as soon as apache sends it something to log. Using this method, cronolog is doing the logging for Apache specifically the way when where and how you want it negating the need for further scripting and manipulating of the logs afterward. Hope that helps. Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Philip Hallstrom Sent: Friday, November 03, 2006 3:21 PM To: Curtis Jewell Cc: [EMAIL PROTECTED] Subject: Re: Apache log rotation question... I'm wondering if I can safely use newsyslog with a newsyslog.conf with these lines in it: I don't know the answer to your question, but you might look at cronolog... http://www.freebsd.org/cgi/url.cgi?ports/sysutils/cronolog/pkg-descr /var/log/httpd/access_log/*644 1 *$W0D0 G /var/log/httpd/error_log/* 644 1 *$W0D0 G /var/log/httpd/ssl_request.log 644 1 *$W0D0 /var/log/httpd/error.log 644 1 *$W0D0 # After this point should be one line... /var/log/httpd/access.log 644 1 *$W0D0 - /var/run/httpd.pid 30 or if not, what should I do instead? (I have 4 separate vhosts that keep their access logs in the first 2 directories) For the record, I want weekly rotation on Sundays at midnight (I assume JST, since I have my time set to local time, which is JST [GMT+9, no DST]), keeping 1 log, (the way I read the fine manuals, I'll have to have a cron job bzip2 it up later and move it aside if I want to keep more and/or compress them) permissions 644 with the owner being root:wheel, no size check, and the last part of the last line should send a SIGUSR1 (30) signal to Apache, which should do the equivalent of a 'apachectl -k graceful' per http://httpd.apache.org/docs/2.2/stopping.html. My question really is, does newsyslog send the signal at the right time [after the rotation is done, per http://httpd.apache.org/docs/2.2/logs.html#rotation] and does it do the lines in order???) - --Curtis - -- Curtis Jewell [EMAIL PROTECTED] Killed enough? ... Yes, Your Highness, I think we all have. --John Patrick Ryan (from 'The Sum Of All Fears', Tom Clancy) [I use Pine, which deliberately does not display colors and pictures in HTML mail] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFS6ByvCi+150VKIMRAs6PAKDOOvnARxXKUTY5dvNrob3gl9+aZACdG+P+ Uz0GrVe1p5MNuRPwiTbBXxY= =lTB2 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Apache log rotation question...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm wondering if I can safely use newsyslog with a newsyslog.conf with these lines in it: /var/log/httpd/access_log/*644 1 *$W0D0 G /var/log/httpd/error_log/* 644 1 *$W0D0 G /var/log/httpd/ssl_request.log 644 1 *$W0D0 /var/log/httpd/error.log 644 1 *$W0D0 # After this point should be one line... /var/log/httpd/access.log 644 1 *$W0D0 - /var/run/httpd.pid 30 or if not, what should I do instead? (I have 4 separate vhosts that keep their access logs in the first 2 directories) For the record, I want weekly rotation on Sundays at midnight (I assume JST, since I have my time set to local time, which is JST [GMT+9, no DST]), keeping 1 log, (the way I read the fine manuals, I'll have to have a cron job bzip2 it up later and move it aside if I want to keep more and/or compress them) permissions 644 with the owner being root:wheel, no size check, and the last part of the last line should send a SIGUSR1 (30) signal to Apache, which should do the equivalent of a 'apachectl -k graceful' per http://httpd.apache.org/docs/2.2/stopping.html. My question really is, does newsyslog send the signal at the right time [after the rotation is done, per http://httpd.apache.org/docs/2.2/logs.html#rotation] and does it do the lines in order???) - --Curtis - -- Curtis Jewell [EMAIL PROTECTED] Killed enough? ... Yes, Your Highness, I think we all have. --John Patrick Ryan (from 'The Sum Of All Fears', Tom Clancy) [I use Pine, which deliberately does not display colors and pictures in HTML mail] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFS6ByvCi+150VKIMRAs6PAKDOOvnARxXKUTY5dvNrob3gl9+aZACdG+P+ Uz0GrVe1p5MNuRPwiTbBXxY= =lTB2 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation question...
I'm wondering if I can safely use newsyslog with a newsyslog.conf with these lines in it: I don't know the answer to your question, but you might look at cronolog... http://www.freebsd.org/cgi/url.cgi?ports/sysutils/cronolog/pkg-descr /var/log/httpd/access_log/*644 1 *$W0D0 G /var/log/httpd/error_log/* 644 1 *$W0D0 G /var/log/httpd/ssl_request.log 644 1 *$W0D0 /var/log/httpd/error.log 644 1 *$W0D0 # After this point should be one line... /var/log/httpd/access.log 644 1 *$W0D0 - /var/run/httpd.pid 30 or if not, what should I do instead? (I have 4 separate vhosts that keep their access logs in the first 2 directories) For the record, I want weekly rotation on Sundays at midnight (I assume JST, since I have my time set to local time, which is JST [GMT+9, no DST]), keeping 1 log, (the way I read the fine manuals, I'll have to have a cron job bzip2 it up later and move it aside if I want to keep more and/or compress them) permissions 644 with the owner being root:wheel, no size check, and the last part of the last line should send a SIGUSR1 (30) signal to Apache, which should do the equivalent of a 'apachectl -k graceful' per http://httpd.apache.org/docs/2.2/stopping.html. My question really is, does newsyslog send the signal at the right time [after the rotation is done, per http://httpd.apache.org/docs/2.2/logs.html#rotation] and does it do the lines in order???) - --Curtis - -- Curtis Jewell [EMAIL PROTECTED] Killed enough? ... Yes, Your Highness, I think we all have. --John Patrick Ryan (from 'The Sum Of All Fears', Tom Clancy) [I use Pine, which deliberately does not display colors and pictures in HTML mail] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFS6ByvCi+150VKIMRAs6PAKDOOvnARxXKUTY5dvNrob3gl9+aZACdG+P+ Uz0GrVe1p5MNuRPwiTbBXxY= =lTB2 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation question...
At 5:02 AM +0900 11/4/06, Curtis Jewell wrote: My question really is, does newsyslog send the signal at the right time [after the rotation is done, per http://httpd.apache.org/docs/2.2/logs.html#rotation ] and does it do the lines in order???) You can see what it will do by running newsyslog with the options of `-nv' to see what it would do, without it doing anything. Eg: newsyslog -nvvf /tmp/newsyslog.conf In your case you'd first want to use a different time in the entries you've added, just so the time to rotate is this hour (ie, whatever hour it is that you're running the program...). So, do that, and then run: newsyslog -nvf /tmp/newsyslog.conf You'll see that it first rotates all files that should be rotated for this run, then sends all signals it is supposed to send, then waits 10 seconds or so, and finally it compresses any of the old-files that it should compress. If you have a set of files which are all written to by a single process, then you should add the '/var/run/httpd.pid' to the newsyslog entry for *every* file that process writes to. The way newsyslog handles things, it will only send a single signal to any given process id, even if several different files from that process were rotated. Since all files have been rotated before the process is signalled, the process will only need to be signalled one time. Try the run with '-nv' to see exactly how it would work. -- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute; Troy, NY; USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation, one process doesn't know about it
Hello, On Sat, 21 Oct 2006, Zbigniew Szalbot wrote: Do one of the following: 1) Configure both exim and dovecot to log through syslog with the same facility. Then configure syslogd to put that facility in the file you want. What I had to do to make it work was to remove log_path = /var/log/exim/mainlog from Dovecot configuration file leaving syslog_facility = mail intact. Now Dovecot and exim happily write to /var/log/exim/mainlog Thank you for your suggestions! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
log rotation, one process doesn't know about it
Hello, I have set up dovecot to log its data to the same log as exim does. This works fine till midnight when it comes to log rotation. Then exim still logs to its log but dovecot ignores it. Now, I have done the homework, found that there is newsyslog.conf and read about flags. And I have the following entry in this file: /var/log/exim/mainlog mailnull:mail 640 60*@T00 ZC I used to have a flag ZN but I read that the N flag actually makes syslogd ignore to inform other processes about a new file being rotated. So I removed it and left only Z, restarted syslogd, but no joy after midnight. I then added C out of sheer dispair but dovecot still ignores the new log after midnight. Could anyone suggest what I should do in order to make this work as intended? Many thanks in advance! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation, one process doesn't know about it
On Sat, 21 Oct 2006 09:33:34 +0200 (CEST) Zbigniew Szalbot [EMAIL PROTECTED] wrote: Hello, I have set up dovecot to log its data to the same log as exim does. This works fine till midnight when it comes to log rotation. Then exim still logs to its log but dovecot ignores it. Now, I have done the homework, found that there is newsyslog.conf and read about flags. And I have the following entry in this file: /var/log/exim/mainlog mailnull:mail 640 60*@T00 ZC I used to have a flag ZN but I read that the N flag actually makes syslogd ignore to inform other processes about a new file being rotated. So I removed it and left only Z, restarted syslogd, but no joy after midnight. I then added C out of sheer dispair but dovecot still ignores the new log after midnight. Could anyone suggest what I should do in order to make this work as intended? Do one of the following: 1) Configure both exim and dovecot to log through syslog with the same facility. Then configure syslogd to put that facility in the file you want. 2) Put exim and dovecot log data in seperate files and configure newsyslog to rotate both of those files. If dovecot needs restarted in order to handle log rotation, be sure to put dovecot's PID file in the last column. Personally, I do #1 -- all my mail programs log to /var/log/maillog, but either will work. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation, one process doesn't know about it
Hello, On Sat, 21 Oct 2006, Bill Moran wrote: Do one of the following: 1) Configure both exim and dovecot to log through syslog with the same facility. Then configure syslogd to put that facility in the file you want. As FBSD is still new to me, I am trying to understand what it would involve. Exim is configured to log to /var/log/exim/mainlog. In the newsyslog.conf I have /var/log/exim/mainlog mailnull:mail 640 60 * @T00 ZC Does it mean exim uses syslogd? It is not obvious to me. If it does, how can I do the same with dovecot? In dovecot.conf I have the path pointing to /var/log/exim/mainlog. If I want to use syslogd, do I have to write to /var/log/maillog? I want to get it right using the first solution. Thank you very much for your patience with me! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation, one process doesn't know about it
In response to Zbigniew Szalbot [EMAIL PROTECTED]: Hello, On Sat, 21 Oct 2006, Bill Moran wrote: Do one of the following: 1) Configure both exim and dovecot to log through syslog with the same facility. Then configure syslogd to put that facility in the file you want. As FBSD is still new to me, I am trying to understand what it would involve. Exim is configured to log to /var/log/exim/mainlog. In the newsyslog.conf I have /var/log/exim/mainlog mailnull:mail 640 60 * @T00 ZC Does it mean exim uses syslogd? It is not obvious to me. If it does, how can I do the same with dovecot? In dovecot.conf I have the path pointing to /var/log/exim/mainlog. If I want to use syslogd, do I have to write to /var/log/maillog? I want to get it right using the first solution. Thank you very much for your patience with me! You're asking all the wrong questions. Take a step back and do a little reading, it's not really hard once you know what order to go in. First, read the man pages for syslogd and syslog.conf. The high-level explanation is that syslogd accepts messages from many places and handles them according to its configuration. syslogd and newsyslog are two different programs, despite the similarities in their names, they are independent. Next, research the program logger, which is a simple tool to send messages to syslogd. Experiment a bit to get a feel for how messages are being handled, and gain an understanding of facilities and levels. From there, both Dovecot and Exim will both have configuration parameters to tell them _how_ to log. Looking at my Dovecot config, I didn't have to change anything to have it log to syslogd with facility mail. I don't use Exim, so I can't speak to the details of its config. If you have specific questions, post to the list. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Apache log rotation
Hi, If one install Apache from the ports, the logs go in /var/log, namely in: ssl_request_log httpd-access.log ssl_engine_log httpd-error.log Is there a clean way to rotate these logs a la newsyslog? I know I can use newsyslog to rotate them, but then how to notify Apache to use the new log files? I don't expect a signal HUP sent to httpd would be enough. Best regards, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation
On Wed, Oct 19, 2005 at 03:54:15PM +0700, Olivier Nicole wrote: [...] Is there a clean way to rotate these logs a la newsyslog? I know I can use newsyslog to rotate them, but then how to notify Apache to use the new log files? I don't expect a signal HUP sent to httpd would be enough. It is. All you need to make sure that only the last line has the HUP to the httpd, as newsyslog works from top to bottom. eg: /var/log/apache/httpd-access.log644 12*$M1D0 BN /var/log/apache/httpd-error.log 644 12*$M1D0 B /var/run/httpd.pid Cheers. -- Jonathan Chen [EMAIL PROTECTED] -- Lots of folks confuse bad management with destiny - Kin Hubbard ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation
Sending HUP is fine. Olivier Nicole wrote: Hi, If one install Apache from the ports, the logs go in /var/log, namely in: ssl_request_log httpd-access.log ssl_engine_log httpd-error.log Is there a clean way to rotate these logs a la newsyslog? I know I can use newsyslog to rotate them, but then how to notify Apache to use the new log files? I don't expect a signal HUP sent to httpd would be enough. Best regards, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation
On October 19, 2005 04:54 am, Olivier Nicole wrote: Hi, If one install Apache from the ports, the logs go in /var/log, namely in: ssl_request_log httpd-access.log ssl_engine_log httpd-error.log Is there a clean way to rotate these logs a la newsyslog? I know I can use newsyslog to rotate them, but then how to notify Apache to use the new log files? I don't expect a signal HUP sent to httpd would be enough. Best regards, Olivier I use ports/sysutils/cronolog/ which does a great job transparently. Nicolas. -- FreeBSD 7.0-CURRENT #0: Sat Oct 15 12:09:14 EDT 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/CLK01A PGP? : http://www.clkroot.net/security/nb_root.asc pgpHDhINjG4hf.pgp Description: PGP signature
Re: Apache log rotation
At 10:00 PM +1300 10/19/05, Jonathan Chen wrote: On Wed, Oct 19, 2005 at 03:54:15PM +0700, Olivier Nicole wrote: [...] Is there a clean way to rotate these logs a la newsyslog? I know I can use newsyslog to rotate them, but then how to notify Apache to use the new log files? I don't expect a signal HUP sent to httpd would be enough. It is. All you need to make sure that only the last line has the HUP to the httpd, as newsyslog works from top to bottom. eg: /var/log/apache/httpd-access.log644 12*$M1D0 BN /var/log/apache/httpd-error.log 644 12*$M1D0 B /var/run/httpd.pid *ALL* lines should include the HUP request. In the above example you are rotating at an explicit time, but many people also depend on the size of the file. If they do depend on the size of the file, then the above trick will not always work. It used to be that you had to do some trick like the above to avoid sending multiple HUP's to the process. I changed that so that the same process can be specified on many log files, and newsyslog will first rotate all files which need rotating, and then send a single signal to the process. So now there is no problem caused by specifying the same process on multiple entries in newsyslog.conf . -- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute; Troy, NY; USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Apache Log Rotation Statistics
Hi, What I am looking for here is some advice on what will be the best ways to acomplish what I have in mind. What I hope to acomplish follows, so any thoughts on how to do it, or if it is complex or impossible would be very helpful. I have Apache 2.x running with a collection of virtual hosts, each logging to their own access.log file. I want to offer log statistics to all of my virtual hosts on an individual basis. I want them to be able to go to say log.theirdomain.com or www.theirdomain.com/log and be able to view the statistics for their site from day x, week y, month z, year k, whatever. Ideally these logs will be stored compressed and in a directory specific to their virtual domain. I am sorry if I am not explaining this 100%, please feel free to ask me to clarify myself. Thanks much, Gadi Golan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache Log Rotation Statistics
On Jan 12 at 18:03, Gadi Golan wondered aloud: I have Apache 2.x running with a collection of virtual hosts, each logging to their own access.log file. I want to offer log statistics to all of my virtual hosts on an individual basis. I want them to be able to go to say log.theirdomain.com or www.theirdomain.com/log and be able to view the statistics for their site from day x, week y, month z, year k, whatever. Ideally these logs will be stored compressed and in a directory specific to their virtual domain. Well, just some thoughts straight out of the box: Since you have individual logs for each virtual site, logrotate should do much of what you're aiming for I believe. If you don't already have it installed it's in; /usr/ports/sysutils/logrotate There's a ton of highly useful stuff in the logrotate man pages, although I use few of the possibilities myself, and really when I think about it, ought to use more. Here's something that is apropos of your situation: (from man logrotate) The file you're immediately concerned with in the beginning BTW is: /etc/logrotate.conf CONFIGURATION FILE logrotate reads everything about the log files it should be handling from the series of configuration files specified on the command line. Each configuration file can set global options (local definitions over-ride global ones, and later definitions override earlier ones) and specify a logfile to rotate. A simple configuration file looks like this: # sample logrotate configuration file compress /var/log/messages { rotate 5 weekly postrotate /sbin/killall -HUP syslogd endscript } /var/log/httpd/access.log /var/log/httpd/error.log { rotate 5 mail [EMAIL PROTECTED] size=100k sharedscripts postrotate /sbin/killall -HUP httpd endscript } /var/log/news/news.crit { monthly rotate 2 olddir /var/log/news/old missingok postrotate kill -HUP `cat /var/run/inn.pid` endscript nocompress As you can see, there is much which you can use here. Logrotate is a powerful utility and may be perfect for your purposes. Good luck HTH, -Colin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache Log Rotation Statistics
On Jan 12, 2005, at 5:03 PM, Gadi Golan wrote: Hi, What I am looking for here is some advice on what will be the best ways to acomplish what I have in mind. What I hope to acomplish follows, so any thoughts on how to do it, or if it is complex or impossible would be very helpful. I have Apache 2.x running with a collection of virtual hosts, each logging to their own access.log file. I want to offer log statistics to all of my virtual hosts on an individual basis. I want them to be able to go to say log.theirdomain.com or www.theirdomain.com/log and be able to view the statistics for their site from day x, week y, month z, year k, whatever. Ideally these logs will be stored compressed and in a directory specific to their virtual domain. I am sorry if I am not explaining this 100%, please feel free to ask me to clarify myself. Thanks much, Gadi Golan I would recommend webalizer in the ports. If you read through the documentation, you specify the logfile and destination of each run, so you could have multiple configurations and cron jobs to compute the stats for you. Let me know if you have any more questions. IIRC, you can see an example at www.webalizer.org. HTH ___ Eric F Crist I am so smart, S.M.R.T! Secure Computing Networks -Homer J Simpson PGP.sig Description: This is a digitally signed message part
Re: Apache log rotation problems
On 8 July, 2004, at 22:46 (-0400) Bill Moran [EMAIL PROTECTED] wrote: Graham North [EMAIL PROTECTED] wrote: Hello all: There has to be a simple fix to this problem - I am using newsyslog and cron to rotate my Apache logfiles.They get rotated and Apache keeps working however after a log rotation takes place Apache will not longer log my accesses. It does continue to serve pages but I need to do an apachectl restart in order for it to continue logging properly. newsyslog.conf and crontab files are attached for reference. You need to restart apache to get it to start logging to a new file. Luckily, newsyslog can do this for you. With the default Apache install, Apache will log its PID to a file when it starts, just add this filename (/var/run/httpd.pid) to the end of each newsyslog entry that rotates an apache file, and newsyslog will automatically send a HUP signal to that PID when the log file is rotated See the man pages for newsyslog for more detailed info. Another option is to use the sysutils/cronolog port. Configure it in httpd.conf, with ErrorLog and CustomLog directives similar to the following: ErrorLog |/usr/local/sbin/cronolog --symlink=/var/log/httpd/error_log /var/log/httpd/error_log_%y%m%d CustomLog |/usr/local/sbin/cronolog --symlink=/var/log/httpd/access_log /var/log/httpd/access_log_%y%m%d combined cronolog will rotate logs automatically each day. From the cronlog man page: Before writing a message cronolog checks the time to see whether the current log file is still valid and if not it closes the current file, expands the template using the current date and time to generate a new file name, opens the new file (creating missing directories on the path of the new log file as needed unless the program is compiled with -DDONT_CREATE_SUBDIRS) and calculates the time at which the new file will become invalid. See the man page for further details. I've been using it for awhile on my public web server. Seems to work just fine. -Brian Brian Clapper, http://www.clapper.org/bmc/ Scott's first Law: No matter what goes wrong, it will probably look right. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache log rotation problems
Graham North [EMAIL PROTECTED] wrote: Hello all: There has to be a simple fix to this problem - I am using newsyslog and cron to rotate my Apache logfiles.They get rotated and Apache keeps working however after a log rotation takes place Apache will not longer log my accesses. It does continue to serve pages but I need to do an apachectl restart in order for it to continue logging properly. newsyslog.conf and crontab files are attached for reference. You need to restart apache to get it to start logging to a new file. Luckily, newsyslog can do this for you. With the default Apache install, Apache will log its PID to a file when it starts, just add this filename (/var/run/httpd.pid) to the end of each newsyslog entry that rotates an apache file, and newsyslog will automatically send a HUP signal to that PID when the log file is rotated See the man pages for newsyslog for more detailed info. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Apache log rotation problems
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Graham North Sent: Thursday, July 08, 2004 9:32 PM To: [EMAIL PROTECTED]; Matthew Seaman Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Matthew Seaman Subject: Apache log rotation problems Hello all: There has to be a simple fix to this problem - I am using newsyslog and cron to rotate my Apache logfiles.They get rotated and Apache keeps working however after a log rotation takes place Apache will not longer log my accesses. It does continue to serve pages but I need to do an apachectl restart in order for it to continue logging properly. newsyslog.conf and crontab files are attached for reference. Any help and suggestions greatly appreciated. Regards, Graham/ Hello, Try something like this: newsyslog.conf: /var/log/httpd-access.log 644 2 * @T00 B /var/run/httpd.pid 30 More info: http://www.freebsddiary.org/rotatelogs.php Best regards, Andras Kende http://www.kende.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Ipmon security log rotation
I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) How could i correct this? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ipmon security log rotation
On Fri, Jun 25, 2004 at 02:15:50PM +0200, Gareth Bailey wrote: I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) The file doesn't have to be executed so it should be 600. Cron runs newsyslog. It send the output by mail (root accound by default). What does the output say? How could i correct this? This is my line: /var/log/security 600 3 100 * Z I don't run ipmon, so it could be that you need to give the pid file afther it. -- Alex Articles based on solutions that I use: http://www.kruijff.org/alex/FreeBSD/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Ipmon security log rotation
If you are saying that you have /sbin/ipmon -D /var/log/security on the rc.conf statement, then you are telling it to do 2 conflicting things. The /var/log/security part needs to be removed. It's telling ipmon to use manual log file after you tell with -d to use syslog log function. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Friday, June 25, 2004 8:16 AM To: [EMAIL PROTECTED] Subject: Ipmon security log rotation I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) How could i correct this? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ipmon security log rotation
The -D flag tells it to run as daemon. Starting ipmon with ipmon_flags=-D /var/log/security in rc.conf works fine. It logs to security as required. The problem comes in when the /var/log/security file is rotated by newsyslog. After this occurs, logging stop all together even though ipmon is still running! Thanks Gareth On Fri, 25 Jun 2004 08:52:40 -0400 JJB [EMAIL PROTECTED] wrote: If you are saying that you have /sbin/ipmon -D /var/log/security on the rc.conf statement, then you are telling it to do 2 conflicting things. The /var/log/security part needs to be removed. It's telling ipmon to use manual log file after you tell with -d to use syslog log function. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Friday, June 25, 2004 8:16 AM To: [EMAIL PROTECTED] Subject: Ipmon security log rotation I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) How could i correct this? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ipmon security log rotation
You need to either tell newsyslog the pidfile, so it can HUP ipmon, or just get it to use syslog (in which case newsyslog doesn't need to HUP it at all). * Gareth Bailey [EMAIL PROTECTED] [0616 14:16]: The -D flag tells it to run as daemon. Starting ipmon with ipmon_flags=-D /var/log/security in rc.conf works fine. It logs to security as required. The problem comes in when the /var/log/security file is rotated by newsyslog. After this occurs, logging stop all together even though ipmon is still running! Thanks Gareth On Fri, 25 Jun 2004 08:52:40 -0400 JJB [EMAIL PROTECTED] wrote: If you are saying that you have /sbin/ipmon -D /var/log/security on the rc.conf statement, then you are telling it to do 2 conflicting things. The /var/log/security part needs to be removed. It's telling ipmon to use manual log file after you tell with -d to use syslog log function. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Friday, June 25, 2004 8:16 AM To: [EMAIL PROTECTED] Subject: Ipmon security log rotation I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) How could i correct this? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- A straw vote only shows which way the hot air blows. -- O'Henry Rasputin :: Jack of All Trades - Master of Nuns ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ipmon security log rotation
Thanks Dick, Giving ipmon -Ds flags and directing messages to the security file using local0.* seems to be the answer. Specifying a pid file in newsyslog.conf gave errors about not being able to HUP ipmon. Cheers, Gareth On Fri, 25 Jun 2004 14:24:41 +0100 Dick Davies [EMAIL PROTECTED] wrote: You need to either tell newsyslog the pidfile, so it can HUP ipmon, or just get it to use syslog (in which case newsyslog doesn't need to HUP it at all). * Gareth Bailey [EMAIL PROTECTED] [0616 14:16]: The -D flag tells it to run as daemon. Starting ipmon with ipmon_flags=-D /var/log/security in rc.conf works fine. It logs to security as required. The problem comes in when the /var/log/security file is rotated by newsyslog. After this occurs, logging stop all together even though ipmon is still running! Thanks Gareth On Fri, 25 Jun 2004 08:52:40 -0400 JJB [EMAIL PROTECTED] wrote: If you are saying that you have /sbin/ipmon -D /var/log/security on the rc.conf statement, then you are telling it to do 2 conflicting things. The /var/log/security part needs to be removed. It's telling ipmon to use manual log file after you tell with -d to use syslog log function. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Friday, June 25, 2004 8:16 AM To: [EMAIL PROTECTED] Subject: Ipmon security log rotation I start ipmon at boot time with /sbin/ipmon -D /var/log/security. Ipmon works fine but seems to stop logging entries to the security logfile when it is rotated. newsyslog.conf sets mode to 700, which should be fine since ipmon is run as root (i think?) How could i correct this? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- A straw vote only shows which way the hot air blows. -- O'Henry Rasputin :: Jack of All Trades - Master of Nuns _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ClamAV Log Rotation (WAS: Antivirus suggestion...)
On Mar 16, 2004, at 6:28 PM, Wayne Sierke wrote: On Tue, 2004-03-16 at 08:45, Jonathan T. Sage wrote: Hope this is of some use: snip Clamd log rotation: first and foremost, make sure that clamav is gonna drop a pidfile. in /usr/local/etc/clamav.conf, uncomment: # This option allows you to save the process identifier of the listening # daemon (main thread). PidFile /var/run/clamd.pid then, add the following (one line) to /etc/newsyslog.conf /var/log/clamd.log 644 3 *$W0D1 BJ \ /var/run/clamd.pid 1 this will rotate the log once a week, keep 3 of them (current log +3 weeks). it will also compress the old one with bzip2 and SIGHUP the clamd process. seems to work just fine for me, running clamav-devel on -current (Mar 3 or so right now) Here's what I got: # ls -lrt /var/log/clamd* -rw-r- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log -rw-r- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 # tail -n 6 /var/log/clamd.log.0 Wed Mar 17 05:58:54 2004 - SelfCheck: Database status OK. Wed Mar 17 06:00:00 2004 - SIGHUP catched: log file re-opened. Wed Mar 17 06:00:00 2004 - ERROR: accept() failed. Wed Mar 17 06:59:32 2004 - SelfCheck: Database status OK. Wed Mar 17 08:00:10 2004 - SelfCheck: Database status OK. Wed Mar 17 09:00:48 2004 - SelfCheck: Database status OK. # portversion -v clamav* clamav-0.67.1 = up-to-date with port Hmm, just saw a submission to -ports for an update to 0.70-rc, looks like that version is needed to have the SIGHUP handling (according to its NEWS file). I suppose the next question is, how *should* I be doing the log rotation (if I do a ports update and it does indeed update to .70)...what entries in the newsyslog.conf file should be made and what, if anything, needs to be entered into the clamav file? I don't want to mix workaround for not continuing to log old method with new works with sighup method... Thanks everyone! -Bart ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ClamAV Log Rotation (WAS: Antivirus suggestion...)
On Tue, 2004-03-16 at 08:45, Jonathan T. Sage wrote: Hope this is of some use: snip Clamd log rotation: first and foremost, make sure that clamav is gonna drop a pidfile. in /usr/local/etc/clamav.conf, uncomment: # This option allows you to save the process identifier of the listening # daemon (main thread). PidFile /var/run/clamd.pid then, add the following (one line) to /etc/newsyslog.conf /var/log/clamd.log644 3 *$W0D1 BJ \ /var/run/clamd.pid 1 this will rotate the log once a week, keep 3 of them (current log +3 weeks). it will also compress the old one with bzip2 and SIGHUP the clamd process. seems to work just fine for me, running clamav-devel on -current (Mar 3 or so right now) Here's what I got: # ls -lrt /var/log/clamd* -rw-r- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log -rw-r- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 # tail -n 6 /var/log/clamd.log.0 Wed Mar 17 05:58:54 2004 - SelfCheck: Database status OK. Wed Mar 17 06:00:00 2004 - SIGHUP catched: log file re-opened. Wed Mar 17 06:00:00 2004 - ERROR: accept() failed. Wed Mar 17 06:59:32 2004 - SelfCheck: Database status OK. Wed Mar 17 08:00:10 2004 - SelfCheck: Database status OK. Wed Mar 17 09:00:48 2004 - SelfCheck: Database status OK. # portversion -v clamav* clamav-0.67.1 = up-to-date with port Hmm, just saw a submission to -ports for an update to 0.70-rc, looks like that version is needed to have the SIGHUP handling (according to its NEWS file). Wayne ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ClamAV Log Rotation (WAS: Antivirus suggestion...)
Wayne Sierke wrote: snip Clamd log rotation: first and foremost, make sure that clamav is gonna drop a pidfile. in /usr/local/etc/clamav.conf, uncomment: # This option allows you to save the process identifier of the listening # daemon (main thread). PidFile /var/run/clamd.pid then, add the following (one line) to /etc/newsyslog.conf /var/log/clamd.log 644 3 *$W0D1 BJ \ /var/run/clamd.pid 1 this will rotate the log once a week, keep 3 of them (current log +3 weeks). it will also compress the old one with bzip2 and SIGHUP the clamd process. seems to work just fine for me, running clamav-devel on -current (Mar 3 or so right now) Here's what I got: # ls -lrt /var/log/clamd* -rw-r- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log -rw-r- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 # tail -n 6 /var/log/clamd.log.0 Wed Mar 17 05:58:54 2004 - SelfCheck: Database status OK. Wed Mar 17 06:00:00 2004 - SIGHUP catched: log file re-opened. Wed Mar 17 06:00:00 2004 - ERROR: accept() failed. Wed Mar 17 06:59:32 2004 - SelfCheck: Database status OK. Wed Mar 17 08:00:10 2004 - SelfCheck: Database status OK. Wed Mar 17 09:00:48 2004 - SelfCheck: Database status OK. # portversion -v clamav* clamav-0.67.1 = up-to-date with port Hmm, just saw a submission to -ports for an update to 0.70-rc, looks like that version is needed to have the SIGHUP handling (according to its NEWS file). Ah. yes, When I wrote this, i was using clamav-devel, and the SIGHUP handling works fine there. thanks for the info though. ~j -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design [HTTP://www.JTSage.com] [EMAIL PROTECTED] [See Headers for Contact Info] signature.asc Description: OpenPGP digital signature
Re: log rotation
On Mon, 2004-03-15 at 10:37, Bart Silverstrim wrote: Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Having recently installed clamav I was interested in getting log rotation enabled too (5.2-RELEASE). As an experiment I set the when entry in newsyslog.conf to 1 hour. After the log rotation I'm not getting any new entries written to the logfile. I believe I saw somewhere someone claiming that logrotate was working for them (but probably on Linux). Might have to try that instead. Wayne Elaborations: I didn't know what would be a safe way to do this, since I also have an every-four-hour update running for the clamav and I didn't know what would happen if A) the update for the database falls at a moment when the log is rotating B) I didn't find the proper way to rotate the log so Clamd doesn't have an open file handle on a log being rotated and/or have clamd try writing to the file while it's being rotated C) how can clamd have the file rotated without being temporarily disabled running into problems because that disabled clamd may be called on in that period by amavisd-new to do a virus scan on a mail message... Anyone got a good log rotation scheme in place to handle this automatically without running into problems? Thanks! -Bart ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: log rotation
you can also write a script, cp -p the logfile and immediatly after that : the file cp -p oldfile newfile : oldfile this keeps the file descriptors intact and might work Since i cannot test this, it's just a guess. Cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Wayne Sierke Verzonden: maandag 15 maart 2004 13:00 Aan: Bart Silverstrim CC: FreeBSD Questions Mailing List Onderwerp: Re: log rotation On Mon, 2004-03-15 at 10:37, Bart Silverstrim wrote: Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Having recently installed clamav I was interested in getting log rotation enabled too (5.2-RELEASE). As an experiment I set the when entry in newsyslog.conf to 1 hour. After the log rotation I'm not getting any new entries written to the logfile. I believe I saw somewhere someone claiming that logrotate was working for them (but probably on Linux). Might have to try that instead. Wayne Elaborations: I didn't know what would be a safe way to do this, since I also have an every-four-hour update running for the clamav and I didn't know what would happen if A) the update for the database falls at a moment when the log is rotating B) I didn't find the proper way to rotate the log so Clamd doesn't have an open file handle on a log being rotated and/or have clamd try writing to the file while it's being rotated C) how can clamd have the file rotated without being temporarily disabled running into problems because that disabled clamd may be called on in that period by amavisd-new to do a virus scan on a mail message... Anyone got a good log rotation scheme in place to handle this automatically without running into problems? Thanks! -Bart ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation
On Mon, Mar 15, 2004 at 10:30:05PM +1030, Wayne Sierke typed: On Mon, 2004-03-15 at 10:37, Bart Silverstrim wrote: Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Having recently installed clamav I was interested in getting log rotation enabled too (5.2-RELEASE). As an experiment I set the when entry in newsyslog.conf to 1 hour. After the log rotation I'm not getting any new entries written to the logfile. I believe I saw somewhere someone claiming that logrotate was working for them (but probably on Linux). Might have to try that instead. Are you using syslogd for logging (LogSyslog in clamav.conf) ? Log rotation through newsyslog is working fine here. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation
On Mon, 2004-03-15 at 23:07, Ruben de Groot wrote: On Mon, Mar 15, 2004 at 10:30:05PM +1030, Wayne Sierke typed: On Mon, 2004-03-15 at 10:37, Bart Silverstrim wrote: Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Having recently installed clamav I was interested in getting log rotation enabled too (5.2-RELEASE). As an experiment I set the when entry in newsyslog.conf to 1 hour. After the log rotation I'm not getting any new entries written to the logfile. I believe I saw somewhere someone claiming that logrotate was working for them (but probably on Linux). Might have to try that instead. Are you using syslogd for logging (LogSyslog in clamav.conf) ? Log rotation through newsyslog is working fine here. Yes. Here are the entries from clamav.conf: LogFile /var/log/clamd.log #LogFileUnlock #LogFileMaxSize 2M LogTime LogSyslog #LogVerbose and from newsyslog.conf: /var/log/clamd.log clamav:clamav 640 12999 * J Anything significant in there that you can see? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log rotation
On Mar 15, 2004, at 7:37 AM, Ruben de Groot wrote: On Mon, Mar 15, 2004 at 10:30:05PM +1030, Wayne Sierke typed: On Mon, 2004-03-15 at 10:37, Bart Silverstrim wrote: Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Having recently installed clamav I was interested in getting log rotation enabled too (5.2-RELEASE). As an experiment I set the when entry in newsyslog.conf to 1 hour. After the log rotation I'm not getting any new entries written to the logfile. I believe I saw somewhere someone claiming that logrotate was working for them (but probably on Linux). Might have to try that instead. Are you using syslogd for logging (LogSyslog in clamav.conf) ? Log rotation through newsyslog is working fine here. What is your clamav.conf and newsyslog config file setup? (and what release of FreeBSD? I'm using 4.9-p3...should work, shouldn't it?) Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ClamAV Log Rotation (WAS: Antivirus suggestion...)
Hope this is of some use: Bart Silverstrim wrote: I haven't tried it on Exim, but I've had mostly good luck with ClamAV (need to work on the log rotation question I've posted previously about, though...) Speaking of that log question, have you been able to prove (substantiate may be a better word) that this happens? also note that newsyslog has the ability to -HUP a process when it rotates a log file (for details on how to do this, take a look at apache log rotation howtos). I have been seeing several posts to the clamav-users list about it happening, that once it hits the quota limit for the logfile size that it will stop working. Has it happened to me yet? no...my logfile hasn't reached the 5 meg limit yet :-) I do need to find a way to rotate the log though. I'm just waiting to find someone that can say yes, I'm running clamav, and using newsyslog to rotate the log, here's the line I use in the conf file to do it and here's the line I use in the clamav.conf file to get it to work... Hey, if you get a working rotation configuration for Clamd, please do share! :-) I've got a production server holding it's own in proving open source software is a viable alternative to the commercial fellas for our school district, and I don't need to have our mail system go belly up because of an overgrown logfile :-) Clamd log rotation: first and foremost, make sure that clamav is gonna drop a pidfile. in /usr/local/etc/clamav.conf, uncomment: # This option allows you to save the process identifier of the listening # daemon (main thread). PidFile /var/run/clamd.pid then, add the following (one line) to /etc/newsyslog.conf /var/log/clamd.log 644 3 *$W0D1 BJ \ /var/run/clamd.pid 1 this will rotate the log once a week, keep 3 of them (current log +3 weeks). it will also compress the old one with bzip2 and SIGHUP the clamd process. seems to work just fine for me, running clamav-devel on -current (Mar 3 or so right now) ~j -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design [HTTP://www.JTSage.com] [EMAIL PROTECTED] [See Headers for Contact Info] signature.asc Description: OpenPGP digital signature
log rotation
Quick questions: I've run across some mumblings in the ClamAV lists about Clamd not logging anymore (or not scanning anymore?) when the maximum logfile size is reached. Is anyone in FreeBSD running this, and if so, are you using Newsyslog to rotate the logs? What are your settings (how would I set it up)? Elaborations: I didn't know what would be a safe way to do this, since I also have an every-four-hour update running for the clamav and I didn't know what would happen if A) the update for the database falls at a moment when the log is rotating B) I didn't find the proper way to rotate the log so Clamd doesn't have an open file handle on a log being rotated and/or have clamd try writing to the file while it's being rotated C) how can clamd have the file rotated without being temporarily disabled running into problems because that disabled clamd may be called on in that period by amavisd-new to do a virus scan on a mail message... Anyone got a good log rotation scheme in place to handle this automatically without running into problems? Thanks! -Bart ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Log Rotation
In particular, Im looking to see if there is a FreeBSD way in rotating PostgreSQL logs. Any advise would be appreciated. Thanks ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
Gerard Samuel [EMAIL PROTECTED] writes: In particular, Im looking to see if there is a FreeBSD way in rotating PostgreSQL logs. Any advise would be appreciated. newsyslog(8) is part of the base system... -- Lowell Gilbert, embedded/networking software engineer, Boston area: resume/CV at http://be-well.ilk.org:8088/~lowell/resume/ username/password public ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
On Sunday 28 December 2003 12:36 pm, Lowell Gilbert wrote: Gerard Samuel [EMAIL PROTECTED] writes: In particular, Im looking to see if there is a FreeBSD way in rotating PostgreSQL logs. Any advise would be appreciated. newsyslog(8) is part of the base system... Yes, Im familiar with newsyslog, but Im not sure how it will play with rotating PostgreSQL's log file, as PostgreSQL seems to need some extra TLC when rotating the log while PostgreSQL is running. http://www.postgresql.org/docs/7.3/interactive/logfile-maintenance.html Ill have to let that sink in the brain, before I try messing with it. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
Gerard Samuel wrote: On Sunday 28 December 2003 12:36 pm, Lowell Gilbert wrote: Gerard Samuel [EMAIL PROTECTED] writes: In particular, Im looking to see if there is a FreeBSD way in rotating PostgreSQL logs. Any advise would be appreciated. newsyslog(8) is part of the base system... Yes, Im familiar with newsyslog, but Im not sure how it will play with rotating PostgreSQL's log file, as PostgreSQL seems to need some extra TLC when rotating the log while PostgreSQL is running. http://www.postgresql.org/docs/7.3/interactive/logfile-maintenance.html Ill have to let that sink in the brain, before I try messing with it. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Just a guess here, but what the problem likely is is that Postgres keeps a file descriptor open to it's logfile, which means that 'simple' log rotation, eg just moving the original logfile to a backup name or gzipped file will break the logging as pg won't have a valid file descriptor any more. This one's bit a project I worked on forever ago (on a production system! :-( ) running Solaris and Sybase... The easy solution is to see if any of the log rotation scripts have the 'right' behavior...if not, you can write your own script to do it, test it by rotating the logs and then intentionally doing something to produce log output (depending on your log level)...if you get the log output, everything's happy. What it should be doing is this (and a side effect is you shouldn't run into log problems on other apps either): 1. Copy the log file locally, using whatever naming convention you want, eg logname.(massaged date/time stamp like $(date | cut -f' ')) 2. Truncate the existing log via cat /dev/null original logfile . This allows the logging progam to continue to log without an invalid fd.. 3. gzip or move the copied logfile to wherever, gzip it etc.. This is a simple solution, and has the potential to lose a few log entries due to the time from the completion of the original log copy until the original log file truncation is completed, but should be fine for home, non critical or low usage (meaning not logging 1000 messages/minute) log filesthere's probably a better way to do this, probably logging via a pipe, but I don't know the specifics offhand... HTH, Scott ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
Scott W [EMAIL PROTECTED] writes: Just a guess here, but what the problem likely is is that Postgres keeps a file descriptor open to it's logfile, which means that 'simple' log rotation, eg just moving the original logfile to a backup name or gzipped file will break the logging as pg won't have a valid file descriptor any more. This one's bit a project I worked on forever ago (on a production system! :-( ) running Solaris and Sybase... The easy solution is to see if any of the log rotation scripts have the 'right' behavior...if not, you can write your own script to do it, test it by rotating the logs and then intentionally doing something to produce log output (depending on your log level)...if you get the log output, everything's happy. Postgres knows how to use syslog(8) for its logging, which is another option also quite simple... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
On Sunday 28 December 2003 01:24 pm, Scott W wrote: This is a simple solution, and has the potential to lose a few log entries due to the time from the completion of the original log copy until the original log file truncation is completed, but should be fine for home, non critical or low usage (meaning not logging 1000 messages/minute) log filesthere's probably a better way to do this, probably logging via a pipe, but I don't know the specifics offhand... Seems ok to me, as its for a home setup. But its always nice to know on what to do on a production system, when one gets thrown to the wolves. Thanks for the tip... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
On Sunday 28 December 2003 01:34 pm, Lowell Gilbert wrote: Postgres knows how to use syslog(8) for its logging, which is another option also quite simple... True. I have to investigate this option... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
On Sun, Dec 28, 2003 at 01:24:02PM -0500, Scott W wrote: The easy solution is to see if any of the log rotation scripts have the 'right' behavior...if not, you can write your own script to do it, test it by rotating the logs and then intentionally doing something to produce log output (depending on your log level)...if you get the log output, everything's happy. What it should be doing is this (and a side effect is you shouldn't run into log problems on other apps either): 1. Copy the log file locally, using whatever naming convention you want, eg logname.(massaged date/time stamp like $(date | cut -f' ')) 2. Truncate the existing log via cat /dev/null original logfile . This allows the logging progam to continue to log without an invalid fd.. 3. gzip or move the copied logfile to wherever, gzip it etc.. And it does help to check the documenation for the particular program doing the logging to see if it has a way of switching the logs via some external condition (e.g. a signal) or whether you can specify when it should rotate the log. Another possibility (although somewhat of a hack) is to stop the program, rotate the log and then start the program up again. Perhaps not for a 24x7 environment but it does work. Marc -- Marc Wiz [EMAIL PROTECTED] Yes, that really is my last name. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Log Rotation
On Sun, Dec 28, 2003 at 01:03:14PM -0500, Gerard Samuel wrote: Yes, Im familiar with newsyslog, but Im not sure how it will play with rotating PostgreSQL's log file, as PostgreSQL seems to need some extra TLC when rotating the log while PostgreSQL is running. http://www.postgresql.org/docs/7.3/interactive/logfile-maintenance.html Ill have to let that sink in the brain, before I try messing with it. http://www.cronolog.org/ -- configure postgresql to log to stdout or stderr and pipe the data into cronolog. It will generate logfiles based on the time date, but you'll have to write a script to deal with the oldest log files. It's in ports as sysutils/cronolog Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: log rotation
for i in /var/run/*.pid; do kill -1 `head -n 1 $i`; done Thank you, this seems to have solved my problem nicely :) Since I upgraded to FreeBSD 4.7, I notice the following problem: Once a month when my log files rotate (simply gzipping the old, and the creating a new empty log file via a cron job) the log files stay empty. all permissions and ownerships are correct. it takes a reboot - then the daemons are able to fill up the new log files - but not until a reboot. Daemons write logs to a file descriptor (fd) without a syscall it can't change fd. using mv on a local file system use rename(), so fd is the same, and daemon fills this fd. Usually you can send a kill -HUP to the daemon to make him look for a new fd. tipically : mv current.log old.log fills old.log kill -HUP pid of daemon fills current.old gzip -9 old.old and it should work clem _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
log rotation
Since I upgraded to FreeBSD 4.7, I notice the following problem: Once a month when my log files rotate (simply gzipping the old, and the creating a new empty log file via a cron job) the log files stay empty. all permissions and ownerships are correct. it takes a reboot - then the daemons are able to fill up the new log files - but not until a reboot. I cannot understand how this could be or why. Please reply off list if you have an answer. _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: log rotation
On Sun, Mar 02, 2003 at 11:50:55PM +, Chad Kline wrote: Since I upgraded to FreeBSD 4.7, I notice the following problem: Once a month when my log files rotate (simply gzipping the old, and the creating a new empty log file via a cron job) the log files stay empty. all permissions and ownerships are correct. it takes a reboot - then the daemons are able to fill up the new log files - but not until a reboot. You should use newsyslog(8) and /etc/newsyslog.conf instead. Most loggers (eg syslog) hold the file open for writes, and deleting the old one (by gzipping) only removes the entry from the directory. The logger still has it open and is still writing to the file (although you aren't able to reference it anymore). -- Jonathan Chen [EMAIL PROTECTED] -- I don't want to achive immortality through my works.. I want to achieve it through not dying - Woody Allen To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: log rotation
On Sun, 02 Mar 2003 23:50:55 + Chad Kline [EMAIL PROTECTED] wrote: Since I upgraded to FreeBSD 4.7, I notice the following problem: Once a month when my log files rotate (simply gzipping the old, and the creating a new empty log file via a cron job) the log files stay empty. all permissions and ownerships are correct. it takes a reboot - then the daemons are able to fill up the new log files - but not until a reboot. Daemons write logs to a file descriptor (fd) without a syscall it can't change fd. using mv on a local file system use rename(), so fd is the same, and daemon fills this fd. Usually you can send a kill -HUP to the daemon to make him look for a new fd. tipically : mv current.log old.log fills old.log kill -HUP pid of daemon fills current.old gzip -9 old.old and it should work clem To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message