Hi Stefan, sorry for the late reply, I'm very busy with non-Debian stuff atm... On Dienstag, 8. März 2011, Stefan Fritsch wrote: > > And then you could/would need to run piuparts on the whole archive > A good start would be all packages which have a file in > /etc/logrotate.d or depend on logrotate. But including all other > pacakges with directories in /var/log would be interesting, too, which > is not that easy: I just noticed that apt-file does not know about > empty directories. And log directories tend to be empty in the package For the piuparts.d.o usecase this doesnt really matter, a full test of a suite takes less than 2 weeks, ie squeeze was tested five times in the last two years, as you can see on http://piuparts.debian.org/squeeze/states.png :-) I actually plan to throw away the oldest ~100 logs older than 4 months each day (for the suites still in development..), so that the archives are automatically periodically retested, as dependent packages change all the time. I just dont know when I'll get around to implement those few lines of shell :/ Help in running piuparts.d.o still very much welcome & needed. > It's that using logrotate on directories writable by non-root is not > secure. There is a lengthy thread at [1] and SD's post [2] raises some > valid points that this is not completely fixable in logrotate itself. hmpf. Thanks for the pointers. cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.