misc/142467: /var/log/auth.log may not be rotated for yours

Mister Olli mister.olli at googlemail.com
Fri Jan 8 10:40:02 UTC 2010

>Number:         142467
>Category:       misc
>Synopsis:       /var/log/auth.log may not be rotated for yours
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 08 10:40:02 UTC 2010
>Originator:     Mister Olli
>Release:        8.0, 6.2, 7.0
FreeBSD SYSTEM 6.2-RELEASE-p9 FreeBSD 6.2-RELEASE-p9 #6: Fri Feb 22 16:11:56 CET 2008     SYSTEM:/usr/obj/usr/src/sys/CUSTOM  i386

On system with rare logins /var/log/auth.log may not get rotated, as '/etc/newsyslog.conf' is configured to rotate if filesize > 100kb.

As login attempts via SSH are saved without year information '/etc/periodic/security/800.loginfail' will report fail logins from past years. This heavily confuses users.

- Make a default installation
- Do some failed logins
- Wait 1 year ;-)
'/var/log/auth.log' should be rotated at least once a year.


More information about the freebsd-bugs mailing list