Package: nginx Version: 1.9.6-2 Severity: wishlist Currently the logrotate config file that is shipped with nginx specifies:
daily rotate 52 so it's keeping 52 days of logfiles (I wonder if daily used to be weekly and it was keeping a year? that would make more sense). In #759382 apache2 switched to using "daily; rotate 14" to keep 2 weeks of logs. There was a lot of discussion about the reasons to/not to keep logs in that bug and and the conclusion was: * a default of 14 days was good for privacy * a default of 14 days was enough for packages such as webalizer to still gather the data they needed * administrators that desired to keep more or less than that could always adjust the conffile and their preference would be maintained * legal responsibility to maintain logs varies by jurisdiction and is the responsbility of the sysadmin, not debian. debian's responsibility is to it's users and we should default to maintaining privacy. Thanks, -- Matt Taggart tagg...@debian.org