Problems with Cron not deleting log files
All, I am having a problem. Back in December I installed FreeBSD5.3 onto a server and have just recently found some new time to 'play' with the settings etc. I think I know what happened but I'm not sure how to fix it. I currently have a 'large number' of auth.log.x and cron.xx files under /var/log. When I first installed I remember reading some advice on 'securing' FreeBSD a little and ran the following commands: # echo "root" > /var/cron/allow && echo "root" > /var/at/at.allow # chmod o= /etc/crontab && chmod o= /usr/bin/crontab && chmod o= /usr/bin/at && chmod o= /usr/bin/atq && chmod o= /usr/bin/atrm && chmod o= /usr/bin/batch && chmod o= /etc/fstab && chmod o= /etc/ftpusers && chmod o= /etc/group && chmod o= /etc/hosts && chmod o= /etc/hosts.allow && chmod o= /etc/hosts.equiv && chmod o= /etc/hosts.lpd && chmod o= /etc/inetd.conf && chmod o= /etc/login.access && chmod o= /etc/login.conf && chmod o= /etc/newsyslog.conf && chmod o= /etc/rc.conf && chmod o= /etc/ssh/sshd_config && chmod o= /etc/sysctl.conf && chmod o= /etc/syslog.conf && chmod o= /etc/ttys && chmod o= /var/log && chflags sappnd /var/log && chflags sappnd /var/log/* && chmod o= /usr/bin/users && chmod o= /usr/bin/w && chmod o= /usr/bin/who && chmod o= /usr/bin/lastcomm && chmod o= /usr/sbin/jls && chmod o= /usr/bin/last && chmod o= /usr/sbin/lastlogin && chmod ugo= /usr/bin/rlogin && chmod ugo= /usr/bin/rsh I believe that for some reason the Cron daemon was unable to copy the files properly when it was trying to turn them over. Now when I try to remove the files I get an error. Below is a small sample... Thanks in advance for your help. ~REM # rm cron.zzuL4BB rm: cron.zzuL4BB: Operation not permitted FreeBSD tco1.iaminsane.net 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 -rwxr- 1 root wheel 75 Jan 12 02:00 auth.log.zzcek12 -rwxr- 1 root wheel 76 Feb 17 23:00 auth.log.zzhTnRK -rwxr- 1 root wheel 76 Feb 13 02:00 auth.log.zziSwsY -rwxr- 1 root wheel 76 Feb 19 01:00 auth.log.zzkW0uv -rwxr- 1 root wheel 76 Feb 11 08:00 auth.log.zzkwJcT -rwxr- 1 root wheel 76 Jan 4 13:00 auth.log.zzkzLR4 -rwxr- 1 root wheel 76 Jan 15 03:00 auth.log.zzpMZnk -rwxr- 1 root wheel 76 Feb 26 01:00 auth.log.zzqHHQF -rwxr- 1 root wheel 75 Jan 10 05:00 auth.log.zzsUDaP -rwxr- 1 root wheel 76 Jan 5 01:00 auth.log.zzyMumT -rwxr- 1 root wheel 76 Jan 7 02:00 auth.log.zzzLgvw -rw--- 1 root wheel3464472 Mar 8 17:15 cron -rwxr- 1 root wheel 919147 Dec 29 18:00 cron.0 -rwxr- 1 root wheel 76 Dec 9 14:00 cron.z01GcNu -rwxr- 1 root wheel 76 Dec 18 20:00 cron.z0smBRG -rwxr- 1 root wheel 76 Dec 28 03:00 cron.z1POYdD -rwxr- 1 root wheel 76 Dec 16 17:00 cron.zvh7LvG -rwxr- 1 root wheel 76 Dec 19 10:00 cron.zvmZm3L -rwxr- 1 root wheel 76 Dec 27 19:00 cron.zvnEACt -rwxr- 1 root wheel 76 Dec 23 22:00 cron.zw9E9HU -rwxr- 1 root wheel 76 Dec 21 09:00 cron.zwJmzq5 -rwxr- 1 root wheel 76 Dec 18 13:00 cron.zwTOEch -rwxr- 1 root wheel 76 Dec 8 16:00 cron.zwn8Fgs -rwxr- 1 root wheel 76 Dec 16 00:00 cron.zzSAEOg -rwxr- 1 root wheel 76 Mar 8 16:54 cron.zzuL4BB -rw--- 1 root wheel 68 Mar 8 14:28 debug.log -rwxr- 1 root wheel 5944 Dec 6 03:01 dmesg.today -rw-r--r-- 1 root wheel 28028 Dec 5 21:51 lastlog -rw-r--r-- 1 root wheel 0 Nov 4 20:27 lpd-errs -rw-r- 1 root wheel2018303 Mar 8 14:29 maillog -rwxr- 1 root wheel 6479 Dec 8 00:00 maillog.0 -rwxr- 1 root wheel 59 Dec 7 00:00 maillog.z4Bh3Oh -rwxr- 1 root wheel 59 Dec 6 00:00 maillog.zFWlD9W -rwxr- 1 root wheel 59 Dec 8 00:00 maillog.zcjrODo -rw-r--r-- 1 root wheel 46520 Mar 8 17:19 messages -rwxr- 1 root wheel192 Dec 6 03:01 mount.today -rwxr- 1 root wheel 0 Mar 8 14:24 newfile -rw-r- 1 root network0 Nov 4 20:27 ppp.log -rw--- 1 root wheel 0 Nov 4 20:27 security -rw-r- 1 root wheel 0 Nov 4 20:27 sendmail.st -rwxr- 1 root wheel 0 Dec 5 22:00 sendmail.st.0 -rwxr- 1 root wheel 0 Dec 5 22:00 sendmail.st.zJ24IkB -rwxr- 1 root wheel 3721 Dec 6 03:01 setuid.today -rw-r- 1 root network0 Nov 4 20:27 slip.log -rw--- 1 root wheel310 Feb 11 17:19 userlog drwxr- 2 root bin 512 Mar 8 13:57 webmin -rw-r--r-- 1 root wheel 3168 Mar 8 15:34 wtmp -rw--- 1 root wheel 0 Nov 4 20:27 xferlog ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org
Re: Problems with Cron not deleting log files
On Tue, Mar 08, 2005 at 05:22:08PM -0500, Richard Mcintyre wrote: > All, > > I am having a problem. Back in December I installed FreeBSD5.3 onto a > server and have just recently found some new time to 'play' with the > settings etc. > > I think I know what happened but I'm not sure how to fix it. > > I currently have a 'large number' of auth.log.x and cron.xx > files under /var/log. Use newsyslog(8) and /etc/newsyslog.conf to manage your log files instead of your home-grown non-working method. -- Jonathan Chen <[EMAIL PROTECTED]> -- "Lots of folks confuse bad management with destiny" - Kin Hubbard ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Cron not deleting log files
Jonathan Chen wrote: On Tue, Mar 08, 2005 at 05:22:08PM -0500, Richard Mcintyre wrote: All, I am having a problem. Back in December I installed FreeBSD5.3 onto a server and have just recently found some new time to 'play' with the settings etc. I think I know what happened but I'm not sure how to fix it. I currently have a 'large number' of auth.log.x and cron.xx files under /var/log. Use newsyslog(8) and /etc/newsyslog.conf to manage your log files instead of your home-grown non-working method. Thank you very much for your sarcastic comment, however, you must have read that far then stopped. The problem is not with the number of extra log files, the problem is that I cannot delete them. AT ALL. As far as 'my home-grown non-working method' of managing my log files, it doesn't exist. In that I had not modified any of the initial settings of /etc/newsyslog.conf or any other conf files. the only commands I ran on the system were the long string of chmod commands I listed. Thanks again, ~REM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Cron not deleting log files
> > Jonathan Chen wrote: > > >On Tue, Mar 08, 2005 at 05:22:08PM -0500, Richard Mcintyre wrote: > > > > > >>All, > >> > >>I am having a problem. Back in December I installed FreeBSD5.3 onto a > >>server and have just recently found some new time to 'play' with the > >>settings etc. > >> > >>I think I know what happened but I'm not sure how to fix it. > >> > >>I currently have a 'large number' of auth.log.x and cron.xx > >>files under /var/log. > >> > >> > > > >Use newsyslog(8) and /etc/newsyslog.conf to manage your log files > >instead of your home-grown non-working method. > > > > > Thank you very much for your sarcastic comment, however, you must have > read that far then stopped. The problem is not with the number of extra > log files, the problem is that I cannot delete them. AT ALL. As far as > 'my home-grown non-working method' of managing my log files, it doesn't > exist. In that I had not modified any of the initial settings of > /etc/newsyslog.conf or any other conf files. the only commands I ran on > the system were the long string of chmod commands I listed. The point is that newsyslog will delete them for you. Just get the configuration right. There is no need to use any other cron job for this and that would probably be more difficult to get right. If you are having trouble manually deleting the log files, I don't have the original post info to get an idea of what is going on. jerry > > Thanks again, > ~REM > ___ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Cron not deleting log files
On Tue, 8 Mar 2005, Richard Mcintyre wrote: Thank you very much for your sarcastic comment, however, you must have read that far then stopped. The problem is not with the number of extra log files, the problem is that I cannot delete them. AT ALL. As far as 'my home-grown non-working method' of managing my log files, it doesn't exist. In that I had not modified any of the initial settings of /etc/newsyslog.conf or any other conf files. the only commands I ran on the system were the long string of chmod commands I listed. That seems strange, because the file name format doesn't look anything like what newsyslog normally does. This is what log files look like on my 5.3-RELEASE-p5 system: $ ls -lrt /var/log [snip...] -rw-r- 1 rootwheel 728 Mar 5 03:06 sendmail.st.0 -rw--- 1 rootwheel 5959 Mar 5 17:00 cron.1.bz2 -rw-r- 1 rootwheel 778 Mar 6 00:00 maillog.3.bz2 -rw-r--r-- 1 rootwheel 30735 Mar 6 00:00 daemon.3.bz2 -rw-r--r-- 1 rootwheel 34760 Mar 6 00:00 all.log.3.bz2 -rw-r--r-- 1 rootwheel 49601 Mar 7 00:00 all.log.2.bz2 -rw-r- 1 rootwheel 645 Mar 7 00:00 maillog.2.bz2 -rw-r--r-- 1 rootwheel 46138 Mar 7 00:00 daemon.2.bz2 -rw-r--r-- 1 rootwheel 16217 Mar 7 19:45 console.log -rw-r--r-- 1 rootwheel 72179 Mar 7 19:45 messages -rw--- 1 rootwheel 13227 Mar 7 19:45 auth.log -rw-r- 1 rootwheel 642 Mar 8 00:00 maillog.1.bz2 -rw-r--r-- 1 rootwheel 31980 Mar 8 00:00 daemon.1.bz2 -rw-r--r-- 1 rootwheel 35479 Mar 8 00:00 all.log.1.bz2 -rw--- 1 rootwheel 5453 Mar 8 10:00 cron.0.bz2 -rw-r--r-- 1 rootwheel 36777 Mar 9 00:00 daemon.0.bz2 -rw-r--r-- 1 rootwheel 41041 Mar 9 00:00 all.log.0.bz2 -rw-r- 1 rootwheel 644 Mar 9 00:00 maillog.0.bz2 -rw-r- 1 rootwheel 728 Mar 9 03:06 sendmail.st -rw-r- 1 rootwheel 2124 Mar 9 03:06 maillog -rw--- 1 rootwheel 34519 Mar 9 08:05 cron -rw-r--r-- 1 rootwheel167201 Mar 9 08:06 all.log *something's* messing with your log files. That they're all the same size is pretty odd too. Look around in /var/log/messages or /var/log/cron and see if anything looks related. -- David Fleck [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Cron not deleting log files
Richard Mcintyre wrote: # rm cron.zzuL4BB rm: cron.zzuL4BB: Operation not permitted Of course, the classic answer is a question in itself... "Are you doing this as root?" Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"