Difference between revisions of "Logrotate"

From ArchWiki
Jump to: navigation, search
(logs not being rotated)
m (update man page link)
 
(17 intermediate revisions by 12 users not shown)
Line 1: Line 1:
 
[[Category:Daemons and system services]]
 
[[Category:Daemons and system services]]
 
[[Category:Data compression and archiving]]
 
[[Category:Data compression and archiving]]
{{Article summary start}}
+
[[ja:Logrotate]]
{{Article summary text|An introduction to the popular log maintenance utility.}}
+
{{Related articles start}}
{{Article summary heading|Related}}
+
{{Related|Cron}}
{{Article summary wiki|Cron}}
+
{{Related|systemd/Timers}}
{{Article summary heading|Resources}}
+
{{Related articles end}}
{{Article summary link|Logrotate on Gentoo Linux Wiki|http://en.gentoo-wiki.com/wiki/Logrotate}}
 
{{Article summary end}}
 
  
From https://fedorahosted.org/logrotate/:
+
From https://github.com/logrotate/logrotate:
  
 
:''The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size.''
 
:''The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size.''
Line 17: Line 15:
 
==Installation==
 
==Installation==
  
{{Pkg|logrotate}} is available in [core] and is installed as a member of the '''base''' group.
+
Logrotate can be installed with the {{Pkg|logrotate}} package. It is installed by default as it is member of the {{Grp|base}} group.
  
# pacman -S logrotate
+
By default, logrotate runs daily using a [[systemd/Timers|systemd timer]]: {{ic|logrotate.timer}}.
  
Typically, logrotate is run via a [[cron]] job; {{ic|/etc/cron.daily/logrotate}} is included in the package.
+
==Configuration==
  
==Configuration==
+
The primary configuration file for logrotate which sets default parameters is {{ic|/etc/logrotate.conf}}; additional application-specific configuration files are included from the {{ic|/etc/logrotate.d}} directory. Values set in application-specific configuration files override those same parameters in the primary configuration file.
  
The primary configuration file for logrotate is {{ic|/etc/logrotate.conf}}; additional configuration files are included from the {{ic|/etc/logrotate.d}} directory.
+
To verify if logrotate works correctly run the following command which will produce debug output:
 +
logrotate -d
 +
To test your logrotate script, for example your nginx logrotate script in ''/etc/logrotate.d'' directory, use:
 +
logrotate -f -v /etc/logrotate.d/nginx
  
 
==Troubleshooting==
 
==Troubleshooting==
  
=== logs not being rotated ===
+
=== exim log not rotated ===
 +
 
 +
If you have set the {{ic|olddir}} variable in {{ic|/etc/logrotate.conf}}, you will get a message such as:
 +
 
 +
{{Ic|error: failed to rename /var/log/exim/mainlog to /var/log/old/mainlog.1: Permission denied}}
  
If you find that your logs aren't being rotated via the cronjob, one reason for that can be wrong {{ic|user}} and {{ic|group}} ownership. Both need to be {{ic|root}}. To fix this either do:
+
To fix this, add the user {{ic|exim}} to the group {{ic|log}}. Then change the group of the {{ic|olddir}}, usually {{ic|/var/log/old}}, to {{ic|log}} instead of the default {{ic|root}}.
  
 +
=== Check logrotate status ===
 +
Run {{ic|cat /var/lib/logrotate.status}} to see which logrotate files were rotated.
 
{{bc|
 
{{bc|
# chown root:root /etc/logrotate.conf
+
"/var/log/mysql/query.log" 2016-3-20-5:0:0
# chown -R root:root /etc/logrotate.d
+
"/var/log/samba/samba-smbd.log" 2016-3-21-5:0:0
 +
"/var/log/httpd/access_log" 2016-3-20-5:0:0
 
}}
 
}}
or, set the {{ic|su}} variable to the user and group you desire in {{ic|/etc/logrotate.conf}}.
 
  
=== exim log not rotated ===
+
=== Skipping log because parent directory has insecure permission ===
 +
Set in the config which user and which group has to job {{ic|/etc/logrotate.d/job}} to be run with:
  
If you have set the {{ic|olddir}} variable in {{ic|/etc/logrotate.conf}}, you will get a message such as:
+
{{bc|
 +
file-to-be-rotated {
 +
    su user group
 +
    rotate 4
 +
}
 +
}}
  
{{Ic|error: failed to rename /var/log/exim/mainlog to /var/log/old/mainlog.1: Permission denied}}
+
== See also ==
  
To fix this, add the user {{ic|exim}} to the group {{ic|log}}. Then change the group of the {{ic|olddir}}, usually {{ic|/var/log/old}}, to {{ic|log}} instead of the default {{ic|root}}.
+
* [http://wiki.gentoo.org/wiki/Logrotate Logrotate on Gentoo Linux Wiki]
 +
* {{man|8|logrotate}} manual page

Latest revision as of 08:49, 10 September 2017

From https://github.com/logrotate/logrotate:

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size.

By default, logrotate's rotation consists of renaming existing log files with a numerical suffix, then recreating the original empty log file. For example, /var/log/syslog.log is renamed /var/log/syslog.log.1. If /var/log/syslog.log.1 already exists from a previous rotation, it is first renamed /var/log/syslog.log.2. (The number of backlogs to keep can be configured.)

Installation

Logrotate can be installed with the logrotate package. It is installed by default as it is member of the base group.

By default, logrotate runs daily using a systemd timer: logrotate.timer.

Configuration

The primary configuration file for logrotate which sets default parameters is /etc/logrotate.conf; additional application-specific configuration files are included from the /etc/logrotate.d directory. Values set in application-specific configuration files override those same parameters in the primary configuration file.

To verify if logrotate works correctly run the following command which will produce debug output:

logrotate -d

To test your logrotate script, for example your nginx logrotate script in /etc/logrotate.d directory, use:

logrotate -f -v /etc/logrotate.d/nginx

Troubleshooting

exim log not rotated

If you have set the olddir variable in /etc/logrotate.conf, you will get a message such as:

error: failed to rename /var/log/exim/mainlog to /var/log/old/mainlog.1: Permission denied

To fix this, add the user exim to the group log. Then change the group of the olddir, usually /var/log/old, to log instead of the default root.

Check logrotate status

Run cat /var/lib/logrotate.status to see which logrotate files were rotated.

"/var/log/mysql/query.log" 2016-3-20-5:0:0
"/var/log/samba/samba-smbd.log" 2016-3-21-5:0:0
"/var/log/httpd/access_log" 2016-3-20-5:0:0

Skipping log because parent directory has insecure permission

Set in the config which user and which group has to job /etc/logrotate.d/job to be run with:

file-to-be-rotated {
    su user group
    rotate 4
}

See also