Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Logs not rotated
Top Forums UNIX for Beginners Questions & Answers Logs not rotated Post 303027231 by Ralph on Wednesday 12th of December 2018 03:48:20 AM
Old 12-12-2018
Logs not rotated
I'm fairly new to this...

System: Kali Linux - based on Debian (Stretch)
uname -a : Linux kali 4.18.0-kali3-amd64 #1 SMP Debian 4.18.20-2kali2 (2018-11-30) x86_64 GNU/Linux

I noticed that the space on my root partition was continuously shrinking even though I didn't do much on the machine and it wasn't even running continuously. Then I tested a script with a lot of calls to sudo in it and noticed that var/log/auth.log was getting rather large - understandable because of the sudo calls. I took a closer look at /var/log and it looks like there haven't been any log rotations since the end of August.

According to crontab they should be rotated every day. (I'm not sure what role anacron plays here currently which may be responsible for this kind of task if the machine isn't running 24/7.)

I took a look at /etc/cron.daily/logrotate (see below) and I don't understand the purpose of the test for the existence of /run/systemd/system and the exit if it exists. The directory is empty but it exists - so unless it disappears periodically the rest of the script will never execute.

I then executed the command /usr/sbin/logrotate /etc/logrotate.conf (at the end of the script) by hand and the logs were rotated.

Code:
root@kali:/var/log# ll auth*
-rw-r----- 1 root adm      2013 Dec 12 16:25 auth.log
-rw-r----- 1 root adm 264686726 Dec 12 15:15 auth.log.1
-rw-r----- 1 root adm      1107 Aug 28 05:39 auth.log.2.gz
-rw-r----- 1 root adm      2342 Aug  5 21:10 auth.log.3.gz
-rw-r----- 1 root adm      4927 Jul 30 08:39 auth.log.4.gz

Okay, I may be on a completely wrong track here and would benefit from a hint in the right direction.

Here the code of /etc/cron.daily/logrotate:
Code:
#!/bin/sh

# skip in favour of systemd timer
if [ -d /run/systemd/system ]; then
    exit 0
fi

# this cronjob persists removals (but not purges)
if [ ! -x /usr/sbin/logrotate ]; then
    exit 0
fi

/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit $EXITVALUE

Thanks.
 

8 More Discussions You Might Find Interesting

1. UNIX Desktop Questions & Answers

Logs

hi My name is Juan I dont can clear wtmp and similiar files how i do it? thanks (4 Replies)
Discussion started by: jtapia
4 Replies

2. UNIX for Dummies Questions & Answers

logs

can i include this command into my crontab file > /var/adm/wtmp to clear the contents on a regular basis ? what about file permissions ? (6 Replies)
Discussion started by: cubicle^dweller
6 Replies

3. Shell Programming and Scripting

Logs

Hey Guys, i am new into shell programming and i have to do one script which have to record all the commands entered by a specific user. Example of that, i have a system running on unix, several users are using this system, i have to create like a databse which will record every user entered that... (5 Replies)
Discussion started by: charbel
5 Replies

4. UNIX for Advanced & Expert Users

logs

Hy, I have a question I have a directory in a unix server, Some of my files have a diffrent access time, from the time i accessed them last, I think some one has copied it,it's not an important file,but none the less,it is my file,It mistakenly had a 777 permission( yes ,I know it is a noob's... (1 Reply)
Discussion started by: lordmod
1 Replies

5. Shell Programming and Scripting

Grep yesterday logs from weblogic logs

Hi, I am trying to write a script which would go search and get the info from the logs based on yesterday timestamp and write yesterday logs in new file. The log file format is as follows: """"""""""""""""""""""""""... (3 Replies)
Discussion started by: harish.parker
3 Replies

6. UNIX Desktop Questions & Answers

regarding logs

Hi , I am running an application on my windows and it logs are generated at /var/logs and for this i have to go this location and then do tail -f , Is there any command you can advise me so that when I execute this command at this location that logs get displayed fully and as the application... (3 Replies)
Discussion started by: KAREENA18
3 Replies

7. Shell Programming and Scripting

Help needed on Perl Script to Handle Log files that are rotated using logrotate

Hello all, I am working on a perl script which will read weblogic logfile and send the error messages to Zenoss Monitoring tool. At present the script works and it can able to send the error messages to Zenoss. The problem comes when the logrotate has been applied to the weblogic log file. At... (3 Replies)
Discussion started by: kar_333
3 Replies

8. Shell Programming and Scripting

If I ran perl script again,old logs should move with today date and new logs should generate.

Appreciate help for the below issue. Im using below code.....I dont want to attach the logs when I ran the perl twice...I just want to take backup with today date and generate new logs...What I need to do for the below scirpt.............. 1)if logs exist it should move the logs with extention... (1 Reply)
Discussion started by: Sanjeev G
1 Replies

LEARN ABOUT OPENDARWIN

cron

cron(1M)                                                  System Administration Commands                                                  cron(1M)

NAME

       cron - clock daemon

SYNOPSIS

       /usr/sbin/cron

DESCRIPTION

       cron starts a process that executes commands at specified dates and times.

       You   can   specify   regularly   scheduled  commands  to  cron  according  to  instructions  found  in  crontab  files  in  the  directory
       /var/spool/cron/crontabs. Users can submit their own crontab file using the crontab(1) command. Commands which are to be executed only once
       can be submitted using the at(1) command.

       cron  only examines crontab or at command files during its own process initialization phase and when the crontab or at command is run. This
       reduces the overhead of checking for new or changed files at regularly scheduled intervals.

       As cron never exits, it should be executed only once. This is done routinely by way  of  the  svc:/system/cron:default  service.  The  file
       /etc/cron.d/FIFO file is used as a lock file to prevent the execution of more than one instance of cron.

       cron captures the output of the job's stdout and stderr streams, and, if it is not empty, mails the output to the user. If the job does not
       produce output, no mail is sent to the user. An exception is if the job is an at(1) job and the -m option was specified when  the  job  was
       submitted.

       cron and at jobs are not executed if your account is locked. Jobs and processses execute. The shadow(4) file defines which accounts are not
       locked and will have their jobs and processes executed.

   Setting cron Jobs Across Timezones
       The timezone of the cron daemon sets the system-wide timezone for cron entries. This, in turn, is  by  set  by  default  system-wide  using
       /etc/default/init.

       If  some  form  of  daylight savings or summer/winter time is in effect, then jobs scheduled during the switchover period could be executed
       once, twice, or not at all.

   Setting cron Defaults
       To keep a log of all actions taken by cron, you must specify CRONLOG=YES in the /etc/default/cron file. If you specify CRONLOG=NO, no  log-
       ging is done. Keeping the log is a user configurable option since cron usually creates huge log files.

       You  can  specify the PATH for user cron jobs by using PATH= in /etc/default/cron. You can set the PATH for root cron jobs using SUPATH= in
       /etc/default/cron. Carefully consider the security implications of setting PATH and SUPATH.

       Example /etc/default/cron file:

       CRONLOG=YES
       PATH=/usr/bin:/usr/ucb:

       This example enables logging and sets  the  default  PATH  used  by  non-root  jobs  to  /usr/bin:/usr/ucb:.  Root  jobs  continue  to  use
       /usr/sbin:/usr/bin.

       The cron log file is periodically rotated by logadm(1M).

FILES

       /etc/cron.d                     Main cron directory

       /etc/cron.d/FIFO                Lock file

       /etc/default/cron               cron default settings file

       /var/cron/log                   cron history information

       /var/spool/cron                 Spool area

       /etc/cron.d/queuedefs           Queue description file for at, batch, and cron

       /etc/logadm.conf                Configuration file for logadm

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

SEE ALSO

       svcs(1), at(1), crontab(1), sh(1), logadm(1M), svcadm(1M), queuedefs(4), shadow(4), attributes(5), smf(5)

NOTES

       The cron service is managed by the service management facility, smf(5), under the service identifier:

       svc:/system/cron:default

       Administrative  actions  on  this  service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser-
       vice's status can be queried using the svcs(1) command.

DIAGNOSTICS

       A history of all actions taken by cron is stored in /var/cron/log and possibly in /var/cron/olog.

SunOS 5.10                                                          5 Aug 2004                                                            cron(1M)
All times are GMT -4. The time now is 12:57 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy