Re: logrotate: three questions

To: Debian-User <debian-user@lists.debian.org>
Subject: Re: logrotate: three questions
From: David Clymer <david@zettazebra.com>
Date: Sun, 15 Feb 2004 15:24:31 -0500
Message-id: <[🔎] 1076874066.1003.337.camel@zepto>
In-reply-to: <[🔎] slrnc2v6qq.bdd.spam@home.bounceswoosh.org>
References: <[🔎] slrnc2v6qq.bdd.spam@home.bounceswoosh.org>

On Sun, 2004-02-15 at 11:16, Monique Y. Herman wrote:
> Hi all!  I've looked in the logrotate man page, /usr/share/doc/logrotate
> (not much there), and google, and I can't seem to find the answer to
> these questions:
> 
> 1) I'd like to have the option of never deleting the backups for certain
> files.  The 'rotate' keyword doesn't seem to do this for me, since 0
> indicates no logkeeping at all.  Is there a way to specify that I don't
> ever want to delete my logs?  Is this perhaps done simply by not having
> a default 'rotate' entry and not specifying a 'rotate' value for the
> files in question?
> 

I dont have a logrotate answer to this, but you could possibly make a
script/cron job to copy or move or rename your Nth rotated log. However
that might not work very well if you are rotating based on size rather
than by time interval.

uh..ok. strike that, just use the logrotate config postrotate directive
to run a script that does the above.

> 2) The 'extension' keyword -- can it be used to embed a date instead of
> a number into the backups?  I found a number of posts asking this
> question on google, but no definitive answer.  If I *did* manage to do
> so, would putting dots in the filename confuse logrotate?  How does it
> parse the files?  (The latter is probably a RTFS question, huh?)
> 

from a quick glance through the code and a little experimentation, I
would guess that you wont be able to add a date in the way you are
suggesting. However, you could again, use a postrotate script to mv the
rotated file.

/root/test.log {
  rotate 1
  postrotate
    mv /root/test.log.1 "/root/minicom.log.`date +%F-%T`.1"
  endscript
}

This would solve both the date problem and the "keep your logs forever"
problem.

> 3) Permissions.  The logrotate app is only executable by root on my box.
> I'm trying to imagine the situation in which giving a normal user access
> to logrotate would hurt anything, as long as logs have appropriate
> permissions.  Could the paranoid among us speak up and educate me?
> 

Actually, users already have access to logrotate. Its just that
/usr/sbin usually isnt in their path by default. So the only thing you
really need to consider is permissions (assuming the debian security
folks have already thought through problems with users accessing
logrotate itself). As long as they only have permissions on logs that
you dont care about, then I dont see a problem.

-davidc

Reply to:

References:
- logrotate: three questions
  - From: "Monique Y. Herman" <spam@bounceswoosh.org>

Prev by Date: Re: downloading dependency files
Next by Date: Re: downloading dependency files
Previous by thread: Re: logrotate: three questions
Next by thread: Modifying pdf metadata
Index(es):
- Date
- Thread