Package: logrotate
Version: 3.7.1-3
Severity: important
I could not find any relevant info in the man page and got surprised
that system wide parameters defined in
/etc/logrotate.conf such as
rotate 4
do not have effect in specific logrotate sections, ie there is no really
default value - it gets assumed to be 1. For instance:
if I have
[EMAIL PROTECTED]:/home/yoh.m/deb/debs/fail2ban/trunk/debian# ls -l
/var/log/fail2ban.log*
-rw-r- 1 root adm 1544 Nov 10 10:45 /var/log/fail2ban.log
-rw-r- 1 root adm 1619 Nov 10 10:45 /var/log/fail2ban.log.1
-rw-r- 1 root adm 539 Nov 10 10:45 /var/log/fail2ban.log.2.gz
-rw-r- 1 root adm 539 Nov 10 10:44 /var/log/fail2ban.log.3.gz
-rw-r- 1 root adm 537 Nov 10 10:44 /var/log/fail2ban.log.4.gz
and define fail2ban.logrotate to be
/var/log/fail2ban.log {
# assuming defaults from /etc/logrotate.conf
#weekly
#rotate 4
#compress
delaycompress
missingok
postrotate
invoke-rc.d --quiet fail2ban reload >/dev/null
endscript
create 640 root adm
}
[EMAIL PROTECTED]:/home/yoh.m/deb/debs/fail2ban/trunk/debian# logrotate --force
--verbose /etc/logrotate.d/fail2ban.logrotate
reading config file /etc/logrotate.d/fail2ban.logrotate
reading config info for /var/log/fail2ban.log
Handling 1 logs
rotating pattern: /var/log/fail2ban.log forced from command line (no old logs
will be kept)
empty log files are rotated, old logs are removed
considering log /var/log/fail2ban.log
log needs rotating
rotating log /var/log/fail2ban.log, log->rotateCount is 0
renaming /var/log/fail2ban.log.1 to /var/log/fail2ban.log.2 (rotatecount 1,
logstart 1, i 1),
renaming /var/log/fail2ban.log.0 to /var/log/fail2ban.log.1 (rotatecount 1,
logstart 1, i 0),
old log /var/log/fail2ban.log.0 does not exist
renaming /var/log/fail2ban.log to /var/log/fail2ban.log.1
disposeName will be /var/log/fail2ban.log.1
creating new log mode = 0640 uid = 0 gid = 4
running postrotate script
removing old log /var/log/fail2ban.log.1
although default parameters in logrotate.conf are
# keep 4 weeks worth of backlogs
rotate 4
I really think that is important to have defaults for logrotate so admin
doesn't have to modify every config filein /etc/logrotate.in to lets say
increase number of kept logs
-- Package-specific info:
Contents of /etc/logrotate.d
total 84
-rw-r--r-- 1 root root 137 Jan 15 2006 acpid
-rw-r--r-- 1 root root 240 Jul 15 2003 apache2
-rw-r--r-- 1 root root 79 Jun 9 2003 aptitude
-rw-r--r-- 1 root root 384 Jan 3 2004 base-config
-rw-r--r-- 1 root root 162 Mar 21 2005 checksecurity
-rw-r--r-- 1 root root 245 Jun 5 09:59 cupsys
-rw-r--r-- 1 root root 124 Apr 19 2005 dirmngr
-rw-r--r-- 1 root root 133 Jun 29 2003 distributed-net
-rw-r--r-- 1 root root 111 Sep 26 2005 dpkg
-rw-r--r-- 1 root root 170 Mar 2 2005 exim4-base
-rw-r--r-- 1 root root 325 Nov 10 10:37 fail2ban.logrotate
-rw-r--r-- 1 root root 151 Nov 11 2002 iptraf
-rw-r--r-- 1 root root 100 Jan 23 2005 kdm
-rw-r--r-- 1 root root 74 May 16 2003 mrtg
-rw-r--r-- 1 root root 466 Aug 22 2004 nessusd
-rw-r--r-- 1 root root 146 Aug 16 01:40 ntop
-rw-r--r-- 1 root root 153 Oct 20 2005 postgresql-common
-rw-r--r-- 1 root root 94 Oct 30 2003 ppp
-rw-r--r-- 1 root root 68 Dec 12 2002 scrollkeeper
-rw-r--r-- 1 root root 271 Mar 16 2005 snort
-rw-r--r-- 1 root root 58 Apr 20 2005 wdm
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (990, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages logrotate depends on:
ii anacron 2.3-11 a cron-like program that doesn't g
ii base-passwd 3.5.11 Debian base system master password
ii cron 3.0pl1-97 management of regular background p
ii libc62.3.6.ds1-4 GNU C Library: Shared libraries
ii libpopt0 1.10-3 lib for parsing cmdline parameters
ii libselinux1 1.30.28-1 SELinux shared libraries
Versions of packages logrotate recommends:
ii mailx1:8.1.2-0.20050715cvs-1 A simple mail user agent
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]