Bug#759382: marked as done (do not keep so much logs)
Your message dated Sun, 21 Sep 2014 21:20:29 +0000
with message-id <E1XVoYX-0007LS-9m@franck.debian.org>
and subject line Bug#759382: fixed in apache2 2.4.10-2
has caused the Debian Bug report #759382,
regarding do not keep so much logs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
759382: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759382
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: do not keep so much logs
- From: Antoine Beaupré <anarcat@koumbit.org>
- Date: Tue, 26 Aug 2014 14:28:48 -0700
- Message-id: <20140826212848.9716.81869.reportbug@angela.anarc.at>
Package: apache2
Severity: wishlist
Apache, at least in Wheezy, seems to be configured by default to keep 52
log files, rotated on a weekly basis, meaning that logs are kept for a
year.
This is a long time to keep longs. It exposes our users unduly to
surveillance and privacy breaches.
It also means a lot of data to keep on disk for busy webservers. For any
moderately to high traffic webserver, this can actually fill up /var
pretty fast. For example, a server with an average of 12 hits per
second:
http://stats.koumbit.net/koumbit.net/ceres.koumbit.net/apache_accesses.html
... accumulates around 30MB *per day*. That means 11GB per year. I
suspect the default partitionning would not allocate enough space for
/var at all on most systems to cover for that.
I would suggest following the policies set for /var/log/syslog, which
are rotate daily and keey 7 days.
-- System Information:
Debian Release: 7.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages apache2 depends on:
pn apache2-mpm-worker | apache2-mpm-prefork | apache2-mpm-event | apac <none>
pn apache2.2-common <none>
apache2 recommends no packages.
apache2 suggests no packages.
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.4.10-2
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 759382@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 21 Sep 2014 22:58:33 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.10-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
apache2 - Apache HTTP Server
apache2-bin - Apache HTTP Server (binary files and modules)
apache2-data - Apache HTTP Server (common files)
apache2-dbg - Apache debugging symbols
apache2-dev - Apache HTTP Server (development headers)
apache2-doc - Apache HTTP Server (on-site documentation)
apache2-mpm-event - transitional event MPM package for apache2
apache2-mpm-itk - transitional itk MPM package for apache2
apache2-mpm-prefork - transitional prefork MPM package for apache2
apache2-mpm-worker - transitional worker MPM package for apache2
apache2-suexec - transitional package for apache2-suexec-pristine
apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
apache2-utils - Apache HTTP Server (utility programs for web servers)
apache2.2-bin - Transitional package for apache2-bin
apache2.2-common - Transitional package for apache2
libapache2-mod-macro - Transitional package for apache2-bin
libapache2-mod-proxy-html - Transitional package for apache2-bin
Closes: 755976 756361 759382
Changes:
apache2 (2.4.10-2) unstable; urgency=medium
.
* Pull changes from upstream 2.4.x branch up to r1626207
+ Security Fix for CVE-2013-5704: HTTP trailers could be used to
replace HTTP headers late during request processing, potentially
undoing or otherwise confusing modules that examined or modified
request headers earlier.
Adds "MergeTrailers" directive to restore legacy behavior.
.
* Switch to apache2 providing the httpd and httpd-cgi virtual packages.
The previously providing apache2-bin package lacks the configuration
files. Closes: #756361
* Keep fewer logs by default. Instead of 52 weekly logs, keep 14 daily
logs. The daily graceful restart also has the advantage of regenerating
things like TLS session ticket keys more often. Closes: #759382
* Clarify description of apache2 package. Closes: #755976
* In the maintainer script helper, print out Apache's error message if
the config check fails.
* Re-add mod_ident. It has still at least one user. LP: #1333388
Checksums-Sha1:
e8fc8c8509fb4e9fd861bccc305d58912ab9d3fc 3218 apache2_2.4.10-2.dsc
ebcf1744d65f908ea699a0a7c29e0fffb2bf115c 507480 apache2_2.4.10-2.debian.tar.xz
766be593978c61d7038f64235f81b4824d25456d 1510 libapache2-mod-proxy-html_2.4.10-2_amd64.deb
a702e8dd57a589c9645394f2abc91616a6bc11e3 1498 libapache2-mod-macro_2.4.10-2_amd64.deb
11038ddbaa5472a498d8e41f884c841086294871 201662 apache2_2.4.10-2_amd64.deb
4492350f1bb433b27f17c26b642ca7df31865b9a 162450 apache2-data_2.4.10-2_all.deb
26ff954212b37adb2b7eb985e1bdcbe2b77e8b4f 1020154 apache2-bin_2.4.10-2_amd64.deb
989aef74cdcbc7c65dff7e5fa07917cbb64fa2e2 1512 apache2-mpm-worker_2.4.10-2_amd64.deb
c079b1a48f81fe31109fd516527bffd2280bc168 1514 apache2-mpm-prefork_2.4.10-2_amd64.deb
98b8e1b3de649ee6ff590703254ca7d59d8a5da8 1514 apache2-mpm-event_2.4.10-2_amd64.deb
75e0b6f6b6cb109324b9d3aa6e2a7018cfaefa7e 1508 apache2-mpm-itk_2.4.10-2_amd64.deb
a2f9b24620105d617c95268b45f40c0b75c6b655 1524 apache2.2-bin_2.4.10-2_amd64.deb
f2d9b8cca673c010babbf8266542622c0f6c5910 121694 apache2.2-common_2.4.10-2_amd64.deb
69fa92349aef0ca6f70d799afa2f84c233d7a78c 192446 apache2-utils_2.4.10-2_amd64.deb
c417f64aa28367bf479919508eb5a02696cbdd72 1488 apache2-suexec_2.4.10-2_amd64.deb
72c9e4f66c5ef99528e70102772041713a3ae987 127376 apache2-suexec-pristine_2.4.10-2_amd64.deb
7dee3662810132d8cac00ae59132555e089791fd 128924 apache2-suexec-custom_2.4.10-2_amd64.deb
c6d7d2104805ec81067c8b04789874123d87a415 2723582 apache2-doc_2.4.10-2_all.deb
4167e4490989e34fe4a40b9230f4b4debdae8834 278486 apache2-dev_2.4.10-2_amd64.deb
db0049259a986ce895aa3fe88643079de047605d 1691174 apache2-dbg_2.4.10-2_amd64.deb
Checksums-Sha256:
bb823fa274e974eeff553c4d10937540fb0fab4ff65d04f1b8aefe8d2141b6c7 3218 apache2_2.4.10-2.dsc
87e9f606b368fb1253c283dd0fe39df4b2424b282fb076d753fcbe2a565d6fd5 507480 apache2_2.4.10-2.debian.tar.xz
40c29d77dc75e45477905976072ced7fed78835dcc684e58c2ca78a73c537b66 1510 libapache2-mod-proxy-html_2.4.10-2_amd64.deb
6a65d3bcb3421fefc46e90ea605fdef7a5490fba87845a00f73a17058feb5045 1498 libapache2-mod-macro_2.4.10-2_amd64.deb
3c2acbf1f478c2b50fc54d1aa296377e2f86d8dcc1f95cd29e6b7d3efe72defb 201662 apache2_2.4.10-2_amd64.deb
87ef3dde6078f9bf3e36a3ef78fe332ed0411b20d4b2239ec05c48e5dce53cef 162450 apache2-data_2.4.10-2_all.deb
78879ede4247abe15a9d5c5f18c0f79163072e333e367daa0940e298723027f0 1020154 apache2-bin_2.4.10-2_amd64.deb
dba79ca8a2372ac992ad464ebd75ce1058430bdb3d2e8ab8cff04edf2b78dd4f 1512 apache2-mpm-worker_2.4.10-2_amd64.deb
c630ed9c2f0267c94cd221984eebbf3e31d10c01e644c12876f98084654dee69 1514 apache2-mpm-prefork_2.4.10-2_amd64.deb
5390b5f4725429857898c02e625cc477586355926164b1883097c4ab220c2f9c 1514 apache2-mpm-event_2.4.10-2_amd64.deb
44e3e41fd9d86e3dbd103155b3a9eb3a1426515a278c87ad83449c67e4bd9425 1508 apache2-mpm-itk_2.4.10-2_amd64.deb
6582b431469000e851e7cf902e3a3c88a38e20c4b19f0b8f8c26f0e0d7d78c79 1524 apache2.2-bin_2.4.10-2_amd64.deb
2add641e8247a5ca7b6dc8d7e770b55d252e2a98d40f97f585aebd500efaba7b 121694 apache2.2-common_2.4.10-2_amd64.deb
62c9190303e24be18eaea105836331a7f0bbf06e431d677cc84dc9c428662dc3 192446 apache2-utils_2.4.10-2_amd64.deb
f6361aa51498e644a8b927275df1a4e142a9a2a73ce00d38c704b5a560c1dc91 1488 apache2-suexec_2.4.10-2_amd64.deb
c375ca3e3a818aabfc16f5f9cf35394c33b32fc74e19a6cebdf1d7df2990b580 127376 apache2-suexec-pristine_2.4.10-2_amd64.deb
03aad8a36cce5809cec533ab62fd6906a9a9a825b9c234a563974b760d11a2bd 128924 apache2-suexec-custom_2.4.10-2_amd64.deb
8db673b1cba359add77543e8739e103f7a2112b2042ef7305bb9532453c1cb5c 2723582 apache2-doc_2.4.10-2_all.deb
b916eadaffd143ef871f887b522fe53424328a04713b467789a2bcf0ae88ac0a 278486 apache2-dev_2.4.10-2_amd64.deb
bf76c7e7ff5f336e7e966eb4d0e4a936b5fb0406087b08a829234743daa629aa 1691174 apache2-dbg_2.4.10-2_amd64.deb
Files:
654185478e4c88d280c735813fdaaedc 1510 oldlibs extra libapache2-mod-proxy-html_2.4.10-2_amd64.deb
fa217c6d163179a495d0f66566d66d93 1498 oldlibs extra libapache2-mod-macro_2.4.10-2_amd64.deb
36ebb38612593beb7de5502f9bb360e9 201662 httpd optional apache2_2.4.10-2_amd64.deb
ae0cf8bc3d1d10daf535e39327d59408 162450 httpd optional apache2-data_2.4.10-2_all.deb
e5d3d84942924d193fb0c138c0f45927 1020154 httpd optional apache2-bin_2.4.10-2_amd64.deb
78ca8d6a0939a94a511bc50c048a951f 1512 oldlibs extra apache2-mpm-worker_2.4.10-2_amd64.deb
747e3119cf991abb5d52761021e85d89 1514 oldlibs extra apache2-mpm-prefork_2.4.10-2_amd64.deb
a567ce5a1d125cea5996c31bd3024d4e 1514 oldlibs extra apache2-mpm-event_2.4.10-2_amd64.deb
f239ab5c0ec1af0fc4b2cb5f70f4f3b4 1508 oldlibs extra apache2-mpm-itk_2.4.10-2_amd64.deb
35e95c1f2e6737af3c489a118d4e5032 1524 oldlibs extra apache2.2-bin_2.4.10-2_amd64.deb
bc1932b0c94b4b46ec38425e20fa9aaa 121694 oldlibs extra apache2.2-common_2.4.10-2_amd64.deb
a5daa25d59f91068532c250965c2fe1d 192446 httpd optional apache2-utils_2.4.10-2_amd64.deb
d3b46ca33f05536d335873fec87635f1 1488 oldlibs extra apache2-suexec_2.4.10-2_amd64.deb
18f0f28d233939ec05428ba2a2570335 127376 httpd optional apache2-suexec-pristine_2.4.10-2_amd64.deb
e7fd22c4f84396094488e16eb217c90e 128924 httpd extra apache2-suexec-custom_2.4.10-2_amd64.deb
cc086c1507e9d45e9fcfad2cbb22984f 2723582 doc optional apache2-doc_2.4.10-2_all.deb
6f21af8dbb37e585f60f41f31d1b50fc 278486 httpd optional apache2-dev_2.4.10-2_amd64.deb
60ed5c2c6b05381bb512ab7fbac5610b 1691174 debug extra apache2-dbg_2.4.10-2_amd64.deb
66d59ee1c3cc64c10ec6a3a1224549d6 3218 httpd optional apache2_2.4.10-2.dsc
d8ca8a17ce567a2391f3aef76b96b2a3 507480 httpd optional apache2_2.4.10-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBVB8+ScaHXzVBzv3gAQg2JA/+JwYXWFGqhAMxVwpcakZbVqrYV2oIAvvS
CMyx7A+mNkrVT4iNYo2BH4A3UT+J5h8EhQzb+LLn8kmd5MRODuA3isVvQIBo2W5d
pywJnzYOfKIH4+1kFmgrF0yMPsBRRePlDcInYmWZNBM4nod2VbfDjVYKQ+xiIfhr
q0XQrop5EqYEraXZx1NipZxU4YroogQ+fVegj5uboZROUgAzcRsSVTYc+FNdwtEf
p85yOdhVDdspASF5ucjvCvMOPpQj7etmXG5tazuK1NsHjH4jCURyMi5lxU4/aZj5
zC5r774JwXjPYPDYJlgRL9Su9Wly2dTR4G6WtBcz5X3ZfUlh4tHQk7unaWqwRkoq
AvjxaE280vTY0ChlYT3LUe1jERKeuG+6ZnJvwZczr6lQiw8inhqX/VTz+jimmMjN
DolwCcrCvz8q3VoWhQ5EZLZ0FwsKh8e59rzpOuXBzgLFB1Wu6xKTYBIqFXeZqIv9
lFF76LKLImqVyp0jhCyNzE+sE5VnGXI2qkqLrQ/zaXGFR/4cL1asOHRoF4Zsj6tm
vnx3Ro3fvozfGX5tdLQrS2FjxduSwqNIvKKY8TJNLqW0RhPiDz1i0KjhAhRn0bgv
JPLv6QdlX4MQNKc0dDO6J81N831lt9k0261mp1k4ZGh4pP6uVHZ62D0lcVS6Jeoz
cdQ02pqY4MA=
=x6CL
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: