Permissions in /var/log; logrotate
Hi all
What should permissions and ownerships for files under /var/log be?
I have the following: (really long list)
/var/log/:
total 4281
drwxr-xr-x 2 root root 1024 Jan 14 02:26 apache
-rw-r----- 1 root adm 120381 Feb 1 19:08 auth.log
-rw-r----- 1 root adm 50427 Jan 14 02:30 auth.log.0
-rw-r----- 1 root adm 9422 Jan 7 03:24 auth.log.1.gz
-rw-r----- 1 root adm 15228 Dec 31 13:54 auth.log.2.gz
-rw-r----- 1 root adm 28811 Nov 19 06:26 auth.log.3.gz
-rw------- 1 root root 10 Jan 6 18:02 auth.log.offset
-rw-rw-r-- 1 root utmp 3840 Jan 27 11:01 btmp
-rw-rw-r-- 1 root utmp 768 Dec 30 12:21 btmp.1
-rw-r----- 1 root adm 161134 Feb 1 19:07 daemon.log
-rw-r----- 1 root adm 51344 Jan 14 02:21 daemon.log.0
-rw-r----- 1 root adm 6847 Jan 7 03:10 daemon.log.1.gz
-rw-r----- 1 root adm 36185 Dec 31 13:34 daemon.log.2.gz
-rw-r----- 1 root adm 72215 Nov 19 06:10 daemon.log.3.gz
-rw------- 1 root root 10 Jan 6 18:02 daemon.log.offset
-rw-r----- 1 root adm 0 Jan 14 02:35 debug
-rw-r----- 1 root adm 0 Jan 7 03:25 debug.0
-rw-r----- 1 root adm 28 Dec 31 14:01 debug.1.gz
-rw-r----- 1 root adm 311 Dec 9 13:12 debug.2.gz
-rw-r----- 1 root adm 325 Aug 20 20:58 debug.3.gz
-rw-r--r-- 1 root root 3262 Feb 1 09:49 dmesg
drwxr-xr-x 2 mail mail 1024 Jan 20 10:03 exim
-rw-r--r-- 1 root root 24168 Feb 1 18:28 faillog
-rw-r----- 1 root adm 174773 Feb 1 17:54 kern.log
-rw-r----- 1 root adm 90265 Jan 14 02:21 kern.log.0
-rw-r----- 1 root adm 17629 Jan 7 03:10 kern.log.1.gz
-rw-r----- 1 root adm 44277 Dec 31 13:31 kern.log.2.gz
-rw-r----- 1 root adm 291 Nov 18 20:15 kern.log.3.gz
drwxr-xr-x 2 root root 1024 Jan 20 10:04 ksymoops
-rw-rw-r-- 1 root utmp 294044 Feb 1 18:59 lastlog
-rw-r----- 1 root adm 0 Jan 14 02:35 lpr.log
-rw-r----- 1 root adm 0 Jan 7 03:24 lpr.log.0
-rw-r----- 1 root adm 30 Dec 31 14:01 lpr.log.1.gz
-rw-r----- 1 root adm 30 Nov 19 06:49 lpr.log.2.gz
-rw-r----- 1 root adm 30 Aug 18 21:35 lpr.log.3.gz
-rw-r----- 1 root adm 0 Jan 14 02:35 mail.err
-rw-r----- 1 root adm 0 Jan 7 03:24 mail.err.0
-rw-r----- 1 root adm 31 Dec 31 14:01 mail.err.1.gz
-rw-r----- 1 root adm 31 Nov 19 06:49 mail.err.2.gz
-rw-r----- 1 root adm 148 Aug 19 00:03 mail.err.3.gz
-rw-r----- 1 root adm 0 Jan 14 02:35 mail.info
-rw-r----- 1 root adm 0 Jan 7 03:24 mail.info.0
-rw-r----- 1 root adm 32 Dec 31 14:01 mail.info.1.gz
-rw-r----- 1 root adm 32 Nov 19 06:49 mail.info.2.gz
-rw-r----- 1 root adm 284 Sep 15 23:07 mail.info.3.gz
-rw-r----- 1 root adm 0 Jan 14 02:35 mail.log
-rw-r----- 1 root adm 0 Jan 7 03:25 mail.log.0
-rw-r----- 1 root adm 31 Dec 31 14:01 mail.log.1.gz
-rw-r----- 1 root adm 31 Nov 19 06:49 mail.log.2.gz
-rw-r----- 1 root adm 283 Sep 15 23:07 mail.log.3.gz
-rw------- 1 root root 6 Jan 6 18:02 mail.log.offset
-rw-r----- 1 root adm 0 Jan 14 02:35 mail.warn
-rw-r----- 1 root adm 0 Jan 7 03:24 mail.warn.0
-rw-r----- 1 root adm 32 Dec 31 14:01 mail.warn.1.gz
-rw-r----- 1 root adm 32 Nov 19 06:49 mail.warn.2.gz
-rw-r----- 1 root adm 149 Aug 19 00:03 mail.warn.3.gz
-rw-r----- 1 root adm 189829 Feb 1 19:09 messages
-rw-r----- 1 root adm 96139 Jan 14 02:30 messages.0
-rw-r----- 1 root adm 18519 Jan 7 03:19 messages.1.gz
-rw-r----- 1 root adm 48772 Dec 31 13:57 messages.2.gz
-rw-r----- 1 root adm 533 Nov 19 06:27 messages.3.gz
-rw------- 1 root root 11 Jan 6 18:02 messages.offset
drwxr-sr-x 2 news news 1024 Aug 18 21:35 news
-rw-r--r-- 1 root root 181278 Feb 1 09:55 nmb
-rw-r----- 1 root adm 0 Aug 18 22:38 ppp-connect-errors
-rw-r----- 1 root adm 2368 Jan 20 10:06 setuid.changes
-rw-r----- 1 root adm 2074 Jan 19 20:56 setuid.changes.0
-rw-r----- 1 root adm 448 Jan 18 17:54 setuid.changes.1.gz
-rw-r----- 1 root adm 444 Jan 17 19:25 setuid.changes.2.gz
-rw-r----- 1 root adm 437 Jan 16 19:55 setuid.changes.3.gz
-rw-r----- 1 root adm 440 Jan 15 19:05 setuid.changes.4.gz
-rw-r----- 1 root adm 448 Jan 14 02:30 setuid.changes.5.gz
-rw-r----- 1 root adm 451 Jan 13 00:36 setuid.changes.6.gz
-rw-r----- 1 root root 374205 Jan 20 10:06 setuid.today
-rw-r----- 1 root root 374118 Jan 19 20:56 setuid.yesterday
-rw-r--r-- 1 root root 216278 Feb 1 18:26 smb
-rw-r----- 1 root adm 291245 Feb 1 19:08 syslog
-rw-r----- 1 root adm 14133 Jan 20 10:04 syslog.0
-rw-r----- 1 root adm 4279 Jan 19 20:51 syslog.1.gz
-rw-r----- 1 root adm 4309 Jan 18 17:53 syslog.2.gz
-rw-r----- 1 root adm 5139 Jan 17 19:23 syslog.3.gz
-rw-r----- 1 root adm 3934 Jan 16 19:51 syslog.4.gz
-rw-r----- 1 root adm 5630 Jan 15 19:02 syslog.5.gz
-rw-r----- 1 root adm 6345 Jan 14 02:26 syslog.6.gz
-rw------- 1 root root 10 Jan 6 18:02 syslog.offset
-rw-r----- 1 root adm 258 Jan 27 11:24 user.log
-rw-r----- 1 root adm 0 Jan 7 03:24 user.log.0
-rw-r----- 1 root adm 31 Dec 31 14:01 user.log.1.gz
-rw-r----- 1 root adm 149 Dec 25 22:26 user.log.2.gz
-rw-r----- 1 root adm 196 Oct 3 20:59 user.log.3.gz
-rw-r----- 1 root adm 0 Jan 14 02:35 uucp.log
-rw-r----- 1 root adm 0 Jan 7 03:24 uucp.log.0
-rw-r----- 1 root adm 31 Dec 31 14:01 uucp.log.1.gz
-rw-r----- 1 root adm 31 Nov 19 06:49 uucp.log.2.gz
-rw-r----- 1 root adm 31 Aug 18 21:35 uucp.log.3.gz
-rw-rw-r-- 1 root utmp 1296768 Feb 1 19:06 wtmp
-rw-rw-r-- 1 root utmp 240384 Jan 1 05:11 wtmp.1
/var/log/apache:
total 148
-rw-rw-r-- 1 www-data www-data 72637 Feb 1 18:58 access.log
-rw-rw-r-- 1 www-data www-data 21225 Jan 14 02:21 access.log.0
-rw-rw-r-- 1 www-data www-data 1612 Jan 7 02:16 access.log.1.gz
-rw-rw-r-- 1 www-data www-data 10716 Dec 31 13:34 access.log.2.gz
-rw-rw-r-- 1 www-data www-data 18200 Nov 17 00:43 access.log.3.gz
-rw-rw-r-- 1 www-data www-data 7029 Feb 1 09:49 error.log
-rw-rw-r-- 1 www-data www-data 6593 Jan 14 02:26 error.log.0
-rw-rw-r-- 1 www-data www-data 572 Jan 7 03:15 error.log.1.gz
-rw-rw-r-- 1 www-data www-data 2446 Dec 31 13:54 error.log.2.gz
-rw-rw-r-- 1 www-data www-data 3980 Nov 19 06:25 error.log.3.gz
/var/log/exim:
total 1858
-rw-r----- 1 mail mail 1652165 Feb 1 19:08 mainlog
-rw-r----- 1 mail mail 58105 Jan 20 10:03 mainlog.0
-rw-r----- 1 mail mail 18999 Jan 19 20:52 mainlog.1.gz
-rw-r----- 1 mail mail 13594 Jan 18 17:52 mainlog.2.gz
-rw-r----- 1 mail mail 19734 Jan 17 19:22 mainlog.3.gz
-rw-r----- 1 mail mail 20153 Jan 16 19:52 mainlog.4.gz
-rw-r----- 1 mail mail 28161 Jan 15 19:03 mainlog.5.gz
-rw-r----- 1 mail mail 15304 Jan 14 02:27 mainlog.6.gz
-rw-r----- 1 mail mail 4908 Jan 13 00:32 mainlog.7.gz
-rw-r----- 1 mail mail 22746 Jan 12 19:54 mainlog.8.gz
-rw-r----- 1 mail mail 16579 Jan 11 18:26 mainlog.9.gz
-rw-r----- 1 mail mail 0 Jan 20 10:03 paniclog
-rw-r----- 1 mail mail 0 Jan 19 20:52 paniclog.0
-rw-r----- 1 mail mail 31 Jan 18 17:52 paniclog.1.gz
-rw-r----- 1 mail mail 31 Jan 17 19:22 paniclog.2.gz
-rw-r----- 1 mail mail 31 Jan 16 19:52 paniclog.3.gz
-rw-r----- 1 mail mail 31 Jan 15 19:03 paniclog.4.gz
-rw-r----- 1 mail mail 31 Jan 14 02:27 paniclog.5.gz
-rw-r----- 1 mail mail 31 Jan 13 00:32 paniclog.6.gz
-rw-r----- 1 mail mail 31 Jan 12 19:54 paniclog.7.gz
-rw-r----- 1 mail mail 31 Jan 11 18:26 paniclog.8.gz
-rw-r----- 1 mail mail 31 Jan 10 08:29 paniclog.9.gz
/var/log/ksymoops:
total 88
-r--r--r-- 1 root root 20681 Jan 17 19:24 20010117192428.ksyms
-r--r--r-- 1 root root 0 Jan 17 19:24 20010117192428.modules
-r--r--r-- 1 root root 20681 Jan 18 17:54 20010118175407.ksyms
-r--r--r-- 1 root root 0 Jan 18 17:54 20010118175407.modules
-r--r--r-- 1 root root 20681 Jan 19 20:54 20010119205445.ksyms
-r--r--r-- 1 root root 0 Jan 19 20:54 20010119205445.modules
-r--r--r-- 1 root root 20681 Jan 20 10:04 20010120100459.ksyms
-r--r--r-- 1 root root 0 Jan 20 10:04 20010120100459.modules
/var/log/news:
total 0
-rw-r--r-- 1 root news 0 Aug 18 21:35 news.crit
-rw-r--r-- 1 root news 0 Aug 18 21:35 news.err
-rw-r--r-- 1 root news 0 Aug 18 21:35 news.notice
(Sorry for it being so long; please also excuse the line length :)
Anything suspicious / wrong there?
How do I change logrotate so that there aren't that many old gzipped
files kept?
Oh, and is there a program for checking/fixing permissions/ownerships
of critical files?
Cheers
Sven
--
Powered by Debian GNU/Linux
Reply to: