newsyslog a vlastnici logu
Roman Neuhauser
neuhauser at sigpipe.cz
Sat May 7 00:13:45 CEST 2005
# hans at stare.cz / 2005-05-06 19:11:21 +0200:
> Dobre jitro,
Ty uz to nehul :)
> mam vlastnictvi apachich logu zarizene takto:
>
> ls -l /var/log/apache
> -rw--w---- 1 smradoch www 5731 May 3 16:41 codex.sigpipe.cz.log
> -rw--w---- 1 hans www 261153 Apr 30 23:57 stare.cz.log.0.gz
> ...
>
> tj user je vlastnikem logu 'svych domen'. Tyto logy se mesicne
> rotuji pomoci newsyslogu takto:
>
> /var/log/apache/*.log 620 12 * $M1D0 BGWZ /var/run/httpd.pid
> /var/log/apache/*.err 620 12 * $M1D0 BGWZ /var/run/httpd.pid
>
> Problem je v tom, ze po zarotovani vypada vlastnictvi logu takto:
>
> -rw--w---- 1 root wheel 5731 May 3 16:41 codex.sigpipe.cz.log
> -rw--w---- 1 smradoch www 4315 Apr 29 17:03 codex.sigpipe.cz.log.0.gz
> -rw--w---- 1 root wheel 596075 May 6 18:18 stare.cz.log
> -rw--w---- 1 hans www 261153 Apr 30 23:57 stare.cz.log.0.gz
>
> To jest nove vytvoreny cerstvy log patri root:wheel (pod nimz
> jede ten newsyslog). Da se newsyslogu nejak rict, aby nove vytvorene
> soubory patrily stejnym userum, jakym patrily zarotovane logy?
>
> Podle newsyslog.conf(5) lze rici user:group, to se ovsem tyka
> logu, ktere jsem prave zalogoval (alespon tak si vykladam 'archive
> file').
>
> owner:group
> This optional field specifies the owner and group for the archive
> file. The `:' is essential regardless if the owner or
> group field is left blank or contains a value. The field may be
> numeric, or a name which is present in /etc/passwd or
> /etc/group.
>
> Muzu samozrejme napsat trivialni script okolo chown a poustet ho po
> rotaci; nebo si muzou useri poustet newsyslog sami (a mit ty logy
> kazdy u sebe doma). Tomu bych se ale rad vyhnul.
>
> Cele je to na 5.3-RELEASE-p10.
Prilozeny patch je proti CURRENTu, zkus do pole flags v tech radcich
newsyslog.conf pridat "O".
% cvs -q co src/usr.sbin/newsyslog
% cd $!
% patch < .../usr.sbin::newsyslog.c-keepowngrp,0.patch
% sudo make all install BINDIR=/usr/sbin MANDIR=/usr/share/man/man
Vysledek:
roman at dagan src/usr.sbin/newsyslog 1059:0 > ls -l /var/log/maill*
-rw-r----- 1 root roman 3057 May 6 23:45 /var/log/maillog
-rw-r----- 1 root wheel 209 Apr 6 00:00 /var/log/maillog.0.bz2
-rw-r----- 1 root wheel 215 Apr 5 00:00 /var/log/maillog.1.bz2
-rw-r----- 1 root wheel 717 Mar 28 00:00 /var/log/maillog.2.bz2
-rw-r----- 1 root wheel 1168 Mar 23 00:00 /var/log/maillog.3.bz2
-rw-r----- 1 root wheel 263 Feb 10 00:00 /var/log/maillog.4.bz2
-rw-r----- 1 root wheel 262 Feb 9 00:00 /var/log/maillog.5.bz2
-rw-r----- 1 root wheel 211 Feb 8 00:00 /var/log/maillog.6.bz2
-rw-r----- 1 root wheel 1313 Feb 7 00:00 /var/log/maillog.7.bz2
roman at dagan src/usr.sbin/newsyslog 1060:0 > sudo newsyslog -v
/var/log/all.log <7J>: does not exist, skipped.
/var/log/amd.log <7J>: does not exist, skipped.
/var/log/auth.log <7J>: size (Kb): 16 [100] --> skipping
/var/log/console.log <5J>: does not exist, skipped.
/var/log/cron <3J>: size (Kb): 46 [100] --> skipping
/var/log/daily.log <7J>: does not exist, skipped.
/var/log/debug.log <7J>: size (Kb): 0 [100] --> skipping
/var/log/kerberos.log <7J>: does not exist, skipped.
/var/log/lpd-errs <7J>: size (Kb): 0 [100] --> skipping
/var/log/maillog <7J>: --> time is up
--> trimming log....
/var/log/messages <5J>: size (Kb): 98 [100] --> skipping
/var/log/monthly.log <12J>: does not exist, skipped.
/var/log/pflog <3J>: does not exist, skipped.
/var/log/ppp.log <3J>: size (Kb): 0 [100] --> skipping
/var/log/security <10J>: size (Kb): 0 [100] --> skipping
/var/log/sendmail.st <10>: age (hr): 3 [168] --> skipping
/var/log/slip.log <3J>: size (Kb): 0 [100] --> skipping
/var/log/weekly.log <5J>: does not exist, skipped.
/var/log/wtmp <3>: --> will trim at Wed Jun 1 05:00:00 2005
/var/log/xferlog <7J>: size (Kb): 0 [100] --> skipping
Signal all daemon process(es)...
Notified daemon pid 295 = /var/run/syslog.pid
Pause 10 seconds to allow daemon(s) to close log file(s)
Compress all rotated log file(s)...
roman at dagan src/usr.sbin/newsyslog 1061:0 > ls -l /var/log/maill*
-rw-r----- 1 root roman 59 May 7 00:09 /var/log/maillog
-rw-r----- 1 root roman 858 May 7 00:09 /var/log/maillog.0.bz2
-rw-r----- 1 root roman 209 Apr 6 00:00 /var/log/maillog.1.bz2
-rw-r----- 1 root roman 215 Apr 5 00:00 /var/log/maillog.2.bz2
-rw-r----- 1 root roman 717 Mar 28 00:00 /var/log/maillog.3.bz2
-rw-r----- 1 root roman 1168 Mar 23 00:00 /var/log/maillog.4.bz2
-rw-r----- 1 root roman 263 Feb 10 00:00 /var/log/maillog.5.bz2
-rw-r----- 1 root roman 262 Feb 9 00:00 /var/log/maillog.6.bz2
-rw-r----- 1 root roman 211 Feb 8 00:00 /var/log/maillog.7.bz2
S tim, ze to chownuje vsechny stare archivy, se neda asi rozumne
nic delat, navic by mi to ani nepripadalo jako dulezita / uzitecna
vlastnost.
--
How many Vietnam vets does it take to screw in a light bulb?
You don't know, man. You don't KNOW.
Cause you weren't THERE. http://bash.org/?255991
-------------- next part --------------
Index: newsyslog.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/newsyslog/newsyslog.c,v
retrieving revision 1.101
diff -u -u -r1.101 newsyslog.c
--- newsyslog.c 3 Mar 2005 15:47:32 -0000 1.101
+++ newsyslog.c 6 May 2005 21:36:24 -0000
@@ -111,6 +111,7 @@
/* process when trimming this file. */
#define CE_CREATE 0x0100 /* Create the log file if it does not exist. */
#define CE_NODUMP 0x0200 /* Set 'nodump' on newly created log file. */
+#define CE_KEEPOWNGRP 0x0400 /* Preserve ownership of archived log files. */
#define MIN_PID 5 /* Don't touch pids lower than this */
#define MAX_PID 99999 /* was lower, see /usr/include/sys/proc.h */
@@ -449,6 +450,7 @@
fk_entry free_or_keep;
double diffsecs;
char temp_reason[REASON_MAX];
+ struct stat old_log;
free_or_keep = FREE_ENT;
if (verbose) {
@@ -559,6 +561,14 @@
* If the file needs to be rotated, then rotate it.
*/
if (ent->rotate && !norotate) {
+ if (ent->flags & CE_KEEPOWNGRP) {
+ if (stat(ent->log, &old_log) != 0) {
+ // FIXME: log
+ } else {
+ ent->uid = old_log.st_uid;
+ ent->gid = old_log.st_gid;
+ }
+ }
if (temp_reason[0] != '\0')
ent->r_reason = strdup(temp_reason);
if (verbose)
@@ -1348,6 +1358,9 @@
case 'n':
working->flags |= CE_NOSIGNAL;
break;
+ case 'o':
+ working->flags |= CE_KEEPOWNGRP;
+ break;
case 'u':
working->flags |= CE_SIGNALGROUP;
break;
More information about the Users-l
mailing list