newsyslog(8) patch for both size and time checks
Garance A Drosehn
gad at FreeBSD.org
Tue May 12 18:26:12 UTC 2009
At 1:59 PM +0400 5/12/09, Dmitry Morozovsky wrote:
>Dear colleagues,
>
>for now, if log is configured to be rotated in time manner, its size is not
>checked, so /var/log may be DoSed by some service (in our case, it
>was mad DHCP client which fills up our /var/log with dhcpd log; our
>newsyslog.conf
>line was
>
>/var/log/dhcpd 640 5 5000 @T00 JC
>
>The following simple patch should fix the problem. Any objection to commit
>this?
It would fix your problem, but it changes the behavior as is explicitly
documented in 'man newsyslog.conf' . There is a paragraph in the man
page which makes it clear that if both fields are specified, then the
log file will only be rotated if both conditions are true.
I agree that newsyslog needs some way to specify an "either/or"
combination of those fields. I believe I have some time to look into
changes to newsyslog right this week, so I'll see what is needed to
address this issue.
--
Garance Alistair Drosehn = drosehn at rpi.edu
Senior Systems Programmer or gad at FreeBSD.org
Rensselaer Polytechnic Institute; Troy, NY; USA
More information about the freebsd-current
mailing list