Hi fellows, I have put together a small essay pointing some of the problems of Debian logrotation scheme. Let's start a discussion about it, and make Debian a bit better at this part too. Proposal about logrotation in Debian ------------------------------------ I have been in Linux system administration for about 3+ years, and saw several logrotation approaches: 1) DIY (aka do it yourself) slackware (at least ancient versions) did not do automatic logrotation, one had to set up custom crontab entries for rotation. While this approach is highly customizable <grin>, it requires some (more than necessary) sysadmin work. 2) Debian style: the logrotation system of debian is like a DIY system, but the distribution automatically installs it. What I mean on DIY here, is that it works (tm), but for a distribution it is not general enough. See details later. 3) RedHat style (versions 4.x and later): RedHat has developed a GPLd program called logrotate, which centralizes log management. It has both a config file (/etc/logrotate.conf) and a directory where packages can drop logrotation info (/etc/logrotate.d) Logrotation is highly customizable and is maintained by the distribution. Problems with Debian Style logrotation, and some solutions ---------------------------------------------------------- Each debian package which has logfiles, drops a file to one of /etc/cron.xxx, which takes care about logrotation. I one wants to rotate a given file at different intervals, he should move that file to a different cron.xxx directory. This file dropped to the cron dir is tagged as a config file. Now if this given package is updated, dpkg will not find the moved file, and will happily install the new version distributed in the .deb file - and the old one will still exist. Two cron scripts will try to rotate logfiles. Another issue, syslogd. Logfiles created by syslogd are rotated also by a script, which uses syslogd-listfiles to find which files are to be rotated. syslogd-listfiles has three catagories to list: Without parameter: files that have *.* in their facility.level specification --auth: files which contain auth.* --news: files which contain news.* --weekly: files to be rotated weekly there's no way of specifying (other than modifying scripts) how given files are to be rotated. The solution I used on several computers was to modify cron.d scripts to bypass syslogd-listfiles, and create three files: syslog.daily, syslog.weekly && syslog.monthly, which all list logfiles that are to be rotated at given time periods. This way I could control, how individual files are rotated. This is IMHO a bit more general, than it was originally, but again IMHO is not the real solution. It was a quick hack, to make the system do what I wanted. The Real Solution ----------------- I think the best solution would be to move to logrotate, even if it was developed by/for RedHat. This is not an easy transition, since each package has to drop files to /etc/logrotate.d/ instead of /etc/cron.xxx. -- Bazsi PGP key: http://www.balabit.hu/pgpkey.txt, or finger bazsi@balabit.hu
Attachment:
pgpsae94_fi9D.pgp
Description: PGP signature