Re: NEVER remove log files without asking
There are two problems with the Apache logs:
1/ the value of the logs,
2/ the unpredictable name of the log.
For 1/, nobody mentionned legal constraints, but I think Debian should
be more careful about such valuable data: in some countries, you're
supposed to keep your logs in case the Justice needs them. It would be
nice to have a global or package-specific option to keep your logs
safe.
For 2/, it was a good idea to group the Apache logs in a single
directory, but the fact that these will be rotated or mixed with admin
specific logs renders the deletion of the log group dangerous.
In other words, "rm -rf /var/log/apache" might remove more than the
standard logs, and "rm -f /var/log/{error,access}.log" won't remove the
rotated logs.
What I would like is logrotate providing a global debconf question
wether or not to keep the logs of a package and should offer a mean of
deleting all log files rotated by a package.
For example, Apache would provide a logrotate configuration file, and
prior to its removal, logrotate would delete all logs and their
rotation referenced therein -- depending on the global debconf
"keep_my_logs_safe" value.
I think another way to go is to mark logfiles as being logfiles in
packages, or maybe log directories. For example, the Solaris package
system offers the "volatile file" type when you create a "prototype"
file.
2 ¢,
--
Loïc Minier <lool@dooz.org>
[ average Debian user ]
Reply to: