svn commit: r233167 - head/etc
Ian Lepore
freebsd at damnhippie.dyndns.org
Mon Mar 19 15:28:48 UTC 2012
On Mon, 2012-03-19 at 09:30 +0000, Gleb Smirnoff wrote:
> Author: glebius
> Date: Mon Mar 19 09:30:40 2012
> New Revision: 233167
> URL: http://svn.freebsd.org/changeset/base/233167
>
> Log:
> Rotate auth.log and messages at the beginning of a year. Otherwise,
> daily security checks 800.loginfail and 900.tcpwrap may produce
> false positive alerts.
>
> Modified:
> head/etc/newsyslog.conf
>
> Modified: head/etc/newsyslog.conf
> ==============================================================================
> --- head/etc/newsyslog.conf Mon Mar 19 08:10:23 2012 (r233166)
> +++ head/etc/newsyslog.conf Mon Mar 19 09:30:40 2012 (r233167)
> @@ -19,7 +19,7 @@
> # logfilename [owner:group] mode count size when flags [/pid_file] [sig_num]
> /var/log/all.log 600 7 * @T00 J
> /var/log/amd.log 644 7 100 * J
> -/var/log/auth.log 600 7 100 * JC
> +/var/log/auth.log 600 7 100 @0101T JC
> /var/log/console.log 600 5 100 * J
> /var/log/cron 600 3 100 * JC
> /var/log/daily.log 640 7 * @T00 JN
> @@ -28,7 +28,7 @@
> /var/log/kerberos.log 600 7 100 * J
> /var/log/lpd-errs 644 7 100 * JC
> /var/log/maillog 640 7 * @T00 JC
> -/var/log/messages 644 5 100 * JC
> +/var/log/messages 644 5 100 @0101T JC
> /var/log/monthly.log 640 12 * $M1D0 JN
> /var/log/pflog 600 3 100 * JB /var/run/pflogd.pid
> /var/log/ppp.log root:network 640 3 100 * JC
This change may not behave exactly as you expect unless the patch in PR
kern/160432 or something equivelent is commited. (It should have been
bin/ not kern/, my bad.)
http://www.freebsd.org/cgi/query-pr.cgi?pr=160432
To summarize, if both 'size' and 'when' are specified, the size is
ignored and only the time is used. The patch in that PR fixes it.
We've been running our embedded products with the patch for years
because rotating based on size is important when /var/log is a ramdisk.
-- Ian
More information about the svn-src-all
mailing list