Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 10933 - logrotate config
Summary: logrotate config
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: Mr. Bones. (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on: 7144
Blocks:
  Show dependency tree
 
Reported: 2002-11-18 18:29 UTC by Ole Tange
Modified: 2003-05-14 04:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ole Tange 2002-11-18 18:29:28 UTC
Here is a suggestion for a default config for logrotate: 
 
# see "man logrotate" for details 
# rotate log files weekly 
weekly 
 
# keep 52 weeks worth of backlogs 
rotate 52 
 
# send errors to root 
errors root 
 
# create new (empty) log files after rotating old ones 
create 
 
# uncomment this if you want your log files compressed 
compress 
 
include /etc/logrotate.d 
 
# no packages own lastlog or wtmp -- we'll rotate them here 
/var/log/wtmp { 
    rotate 10 
}
Comment 1 Ole Tange 2002-11-18 18:31:48 UTC
Remember to mkdir /etc/logrotate.d 
 
Also this seems not to work: 
 
# send errors to root  
errors root  
 
Comment 2 Mr. Bones. (RETIRED) gentoo-dev 2003-02-24 15:12:45 UTC
I recommend this instead (ripped and modified from Redhat):

# see "man logrotate" for details
# rotate log files weekly
weekly
#daily

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
compress

# RPM packages drop log rotation information into this directory
include /etc/logrotate.d

notifempty
nomail
noolddir

# no packages own lastlog or wtmp -- we'll rotate them here
/var/log/wtmp {
    monthly
    create 0664 root utmp
    rotate 1
}

# system-specific logs may be also be configured here.
Comment 3 Ole Tange 2003-03-30 08:55:20 UTC
I think the european law wants you to keep 1 year of logging. So Michael's 4 weeks 
should be 52 instead. If people have a lot of logging so they do not have the space to 
keep 1 year of compressed logfiles then they probably have to tune other logging 
parameters as well. 
 
Comment 4 Mr. Bones. (RETIRED) gentoo-dev 2003-03-30 12:29:05 UTC
Do you have a url that talks about this?  I'd be really suprised if
any law anywhere specified how much logging was required for personal
computer systems.

Gentoo isn't primarily used in corporate settings at this time and in companies
it is, it's that company's responsibility to comply with any local or national
laws.

I think the default should remain at one month as that is reasonable for 
personal users.
Comment 5 Ole Tange 2003-03-30 13:43:12 UTC
I cannot seem to find the law now. It was part of the terror-bill as I recall. 
 
But really: What is the problem in using 52 weeks instead? You use a bit more space. For 
a personal workstation this space is _very_ limited and for a commercial workstation this 
space is well used if I am right about the law. 
 
Could you elaborate on why you consider 4 weeks "reasonable"? IMHO I would find 52 
weeks reasonable if the 51 weeks are compressed and not really taking up serious 
amount of space. 
 
 
Comment 6 Mr. Bones. (RETIRED) gentoo-dev 2003-04-04 20:15:07 UTC
You identified the problem I have with changing to 52 weeks in your last
comment: "You use a bit more space."

I believe the current setting is adequate for a most people and the setting
is easily changed locally by those, like you, who desire longer-lasting logging.

In the absence of any confirmation regarding the legal requirement of individuals
to keep a year's worth of logs available, I still don't see any reason to change
the current default of four weeks.
Comment 7 Aron Griffis (RETIRED) gentoo-dev 2003-04-22 22:01:33 UTC
Re-assign to Michael Sterrett since he's now a dev and can decide what needs to be done next, if anything, to finish this out.
Comment 8 Andreas Simon 2003-05-14 03:57:42 UTC
Regarding the european law: 
This law affects only facilities which offer public telecommunication services, like 
internet providers, mailbox carriers, etc. The private sector is not affected at all. 
SuSE, Red Hat, Mandrake, etc. all don't configure logrotate to archive a full year of 
logs. They all have a default of four weeks, which is usually more than enough. Also 
Gentoo is not the distribution you find usually in the high-end server area but more 
typically in a geek's room -- why bother to have a default configuarion which suits 
internet providers, do you think they deploy a default Gentoo installation? Anyway I 
think the current default (4 weeks) is more then enough. 
 
Comment 9 Mr. Bones. (RETIRED) gentoo-dev 2003-05-14 04:42:38 UTC
Thanks for the clear summary on the European law situation Andreas.

I'm going to close this bug because:
1. I think it duplicates, at least in sprit, parts of bug#7144.
2. We've talked around the weeks on-line thing enough.
3. Everyone is free to modify their local logrotate setup to suit their needs.

I've added a new revision of the logrotate ebuild to portage which installs
a default logrotate.conf.  Please make any other concerns about the default
logrotate.conf known in a new bug.

Thanks.