Like I mentioned before, on NetWare we can't use a piped log because the NetWare OS doesn't support pipes. A cron job is also a problem because we don't have that either. Since Apache created the log file, writes to the log file, formats the output and closes the log file, is it that big of a leap to have it rotate the log file as well?
Brad Brad Nicholes Senior Software Engineer Novell, Inc., a leading provider of Net business solutions http://www.novell.com >>> [EMAIL PROTECTED] Wednesday, February 27, 2002 1:45:27 PM >>> Do we really want Apache rotating logs? Apache is a web server it serves web pages really well. If you want log rotation, use either a piped log or a cron job that restarts the server. Ryan > Since I am not a Unix developer, can this security problem be overcome > somehow or does this mean that I should #ifdef the code as NETWARE > only? > > Brad > > Brad Nicholes > Senior Software Engineer > Novell, Inc., a leading provider of Net business solutions > http://www.novell.com > > >>> [EMAIL PROTECTED] Wednesday, February 27, 2002 1:34:46 PM >>> > On Wed, 27 Feb 2002, Brad Nicholes wrote: > > > This patch adds the directives LogRotateDaily and > LogRotateInterval > > to the mod_log_config modules. These directives allow all of the > custom > > logs to be automatically rotated on either a daily basis or at a > > specific interval. This patch is based on a previous patch that was > > submitted by Bertrand Demiddelaer. > > One of the problems that we have had on NetWare is the lack of > a > > way to automatically rotate the log files. NetWare is unable to use > the > > RotateLog utility due to the fact that the OS does not support pipes. > > > This patch is being submitted as a general patch rather than a > NetWare > > specific patch so that other platforms can take advantage of it if > they > > choose to. If there are objections to this patch I could submit it > as a > > NetWare only fix. If there are no objections, I would like to go > ahead > > and check it in. > > This patch is a major security problem on Unix, since you should not > have > your log files writable by the user apache runs as. They should only > be writable by the user that starts Apache (normally root). This > means > child processes can not reopen logs. > > BTW, please try to include patches in the body of the message instead > of > as binary attachments.
