Log rotation and combining...

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Log rotation and combining...

SH Development
I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:

1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?

2. Separate from above, if I create a new logrotate script example as follows:

# dovecot SIGUSR1: Re-opens the log files.
/home/vmail/dovecot-deliver.log {
  missingok
  notifempty
  delaycompress
  sharedscripts
  postrotate
    /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
  endscript
}

I get the following error only when cron tries to run it:

/etc/cron.daily/logrotate:
error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied


Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.


Ethon
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

Bill Shirley
I believe you need a 'create' statement to set the permissions. Here
is an example for mariadb:
/var/log/mariadb/general.log
/var/log/mariadb/slow_query.log
/var/log/mariadb/error.log
/var/log/mariadb/mariadb.log {
         create 640 mysql mysql
         daily
         minsize 30M
         notifempty
         rotate 3
         missingok
         compress
         sharedscripts
         postrotate
#       # just if mysqld is really running
                 if test -x /usr/bin/mysqladmin && \
                         /usr/bin/mysqladmin ping &>/dev/null
                 then
                         /usr/bin/mysqladmin flush-logs
                 fi
         endscript
}

Bill


On 11/16/2017 4:27 AM, SH Development wrote:

> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>
> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>
> 2. Separate from above, if I create a new logrotate script example as follows:
>
> # dovecot SIGUSR1: Re-opens the log files.
> /home/vmail/dovecot-deliver.log {
>    missingok
>    notifempty
>    delaycompress
>    sharedscripts
>    postrotate
>      /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>    endscript
> }
>
> I get the following error only when cron tries to run it:
>
> /etc/cron.daily/logrotate:
> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>
>
> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>
>
> Ethon
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

SH Development
That doesn’t seem to work either.  Where do I find logs for log rotation to see the reason it failed?

Ethon



> On Nov 16, 2017, at 7:53 PM, Bill Shirley <[hidden email] <mailto:[hidden email]>> wrote:
>
> I believe you need a 'create' statement to set the permissions. Here
> is an example for mariadb:
> /var/log/mariadb/general.log
> /var/log/mariadb/slow_query.log
> /var/log/mariadb/error.log
> /var/log/mariadb/mariadb.log {
>         create 640 mysql mysql
>         daily
>         minsize 30M
>         notifempty
>         rotate 3
>         missingok
>         compress
>         sharedscripts
>         postrotate
> #       # just if mysqld is really running
>                 if test -x /usr/bin/mysqladmin && \
>                         /usr/bin/mysqladmin ping &>/dev/null
>                 then
>                         /usr/bin/mysqladmin flush-logs
>                 fi
>         endscript
> }
>
> Bill
>
>
> On 11/16/2017 4:27 AM, SH Development wrote:
>> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>>
>> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
>> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>>
>> 2. Separate from above, if I create a new logrotate script example as follows:
>>
>> # dovecot SIGUSR1: Re-opens the log files.
>> /home/vmail/dovecot-deliver.log {
>>   missingok
>>   notifempty
>>   delaycompress
>>   sharedscripts
>>   postrotate
>>     /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>>   endscript
>> }
>>
>> I get the following error only when cron tries to run it:
>>
>> /etc/cron.daily/logrotate:
>> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>>
>>
>> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>>
>>
>> Ethon
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

Tom Hendrikx
Hi,


Your crontab should normally mail you error output. But you can also run
the logrotate command manually, in verbose mode.


Kind regards,
        Tom

On 17-11-17 03:35, SH Development wrote:

> That doesn’t seem to work either.  Where do I find logs for log rotation to see the reason it failed?
>
> Ethon
>
>
>
>> On Nov 16, 2017, at 7:53 PM, Bill Shirley <[hidden email] <mailto:[hidden email]>> wrote:
>>
>> I believe you need a 'create' statement to set the permissions. Here
>> is an example for mariadb:
>> /var/log/mariadb/general.log
>> /var/log/mariadb/slow_query.log
>> /var/log/mariadb/error.log
>> /var/log/mariadb/mariadb.log {
>>         create 640 mysql mysql
>>         daily
>>         minsize 30M
>>         notifempty
>>         rotate 3
>>         missingok
>>         compress
>>         sharedscripts
>>         postrotate
>> #       # just if mysqld is really running
>>                 if test -x /usr/bin/mysqladmin && \
>>                         /usr/bin/mysqladmin ping &>/dev/null
>>                 then
>>                         /usr/bin/mysqladmin flush-logs
>>                 fi
>>         endscript
>> }
>>
>> Bill
>>
>>
>> On 11/16/2017 4:27 AM, SH Development wrote:
>>> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>>>
>>> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
>>> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>>>
>>> 2. Separate from above, if I create a new logrotate script example as follows:
>>>
>>> # dovecot SIGUSR1: Re-opens the log files.
>>> /home/vmail/dovecot-deliver.log {
>>>   missingok
>>>   notifempty
>>>   delaycompress
>>>   sharedscripts
>>>   postrotate
>>>     /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>>>   endscript
>>> }
>>>
>>> I get the following error only when cron tries to run it:
>>>
>>> /etc/cron.daily/logrotate:
>>> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>>>
>>>
>>> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>>>
>>>
>>> Ethon
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

SH Development
So, the question is, why can I rotate the log manually, but cron returns a permission error?  Do I need to tell cron to run it as sudo or something like that?

Ethon

> On Nov 17, 2017, at 2:29 AM, Tom Hendrikx <[hidden email] <mailto:[hidden email]>> wrote:
>
> Hi,
>
>
> Your crontab should normally mail you error output. But you can also run
> the logrotate command manually, in verbose mode.
>
>
> Kind regards,
> Tom
>
> On 17-11-17 03:35, SH Development wrote:
>> That doesn’t seem to work either.  Where do I find logs for log rotation to see the reason it failed?
>>
>> Ethon
>>
>>
>>
>>> On Nov 16, 2017, at 7:53 PM, Bill Shirley <[hidden email] <mailto:[hidden email]> <mailto:[hidden email] <mailto:[hidden email]>>> wrote:
>>>
>>> I believe you need a 'create' statement to set the permissions. Here
>>> is an example for mariadb:
>>> /var/log/mariadb/general.log
>>> /var/log/mariadb/slow_query.log
>>> /var/log/mariadb/error.log
>>> /var/log/mariadb/mariadb.log {
>>>        create 640 mysql mysql
>>>        daily
>>>        minsize 30M
>>>        notifempty
>>>        rotate 3
>>>        missingok
>>>        compress
>>>        sharedscripts
>>>        postrotate
>>> #       # just if mysqld is really running
>>>                if test -x /usr/bin/mysqladmin && \
>>>                        /usr/bin/mysqladmin ping &>/dev/null
>>>                then
>>>                        /usr/bin/mysqladmin flush-logs
>>>                fi
>>>        endscript
>>> }
>>>
>>> Bill
>>>
>>>
>>> On 11/16/2017 4:27 AM, SH Development wrote:
>>>> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>>>>
>>>> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
>>>> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>>>>
>>>> 2. Separate from above, if I create a new logrotate script example as follows:
>>>>
>>>> # dovecot SIGUSR1: Re-opens the log files.
>>>> /home/vmail/dovecot-deliver.log {
>>>>  missingok
>>>>  notifempty
>>>>  delaycompress
>>>>  sharedscripts
>>>>  postrotate
>>>>    /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>>>>  endscript
>>>> }
>>>>
>>>> I get the following error only when cron tries to run it:
>>>>
>>>> /etc/cron.daily/logrotate:
>>>> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>>>>
>>>>
>>>> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>>>>
>>>>
>>>> Ethon
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

Tom Hendrikx
HI,

Do you have selinux activated? Maybe the context for logrotate does not
allow accessing files under /home, and the root cli is not troubled by
such a limitation? Why are you storing log files under /home anyway?

Note: I don't use any OS with selinux, so can't really help with fixing
this an issue.

Regards,
        Tom

On 17-11-17 22:42, SH Development wrote:

> So, the question is, why can I rotate the log manually, but cron returns a permission error?  Do I need to tell cron to run it as sudo or something like that?
>
> Ethon
>
>> On Nov 17, 2017, at 2:29 AM, Tom Hendrikx <[hidden email] <mailto:[hidden email]>> wrote:
>>
>> Hi,
>>
>>
>> Your crontab should normally mail you error output. But you can also run
>> the logrotate command manually, in verbose mode.
>>
>>
>> Kind regards,
>> Tom
>>
>> On 17-11-17 03:35, SH Development wrote:
>>> That doesn’t seem to work either.  Where do I find logs for log rotation to see the reason it failed?
>>>
>>> Ethon
>>>
>>>
>>>
>>>> On Nov 16, 2017, at 7:53 PM, Bill Shirley <[hidden email] <mailto:[hidden email]> <mailto:[hidden email] <mailto:[hidden email]>>> wrote:
>>>>
>>>> I believe you need a 'create' statement to set the permissions. Here
>>>> is an example for mariadb:
>>>> /var/log/mariadb/general.log
>>>> /var/log/mariadb/slow_query.log
>>>> /var/log/mariadb/error.log
>>>> /var/log/mariadb/mariadb.log {
>>>>        create 640 mysql mysql
>>>>        daily
>>>>        minsize 30M
>>>>        notifempty
>>>>        rotate 3
>>>>        missingok
>>>>        compress
>>>>        sharedscripts
>>>>        postrotate
>>>> #       # just if mysqld is really running
>>>>                if test -x /usr/bin/mysqladmin && \
>>>>                        /usr/bin/mysqladmin ping &>/dev/null
>>>>                then
>>>>                        /usr/bin/mysqladmin flush-logs
>>>>                fi
>>>>        endscript
>>>> }
>>>>
>>>> Bill
>>>>
>>>>
>>>> On 11/16/2017 4:27 AM, SH Development wrote:
>>>>> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>>>>>
>>>>> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
>>>>> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>>>>>
>>>>> 2. Separate from above, if I create a new logrotate script example as follows:
>>>>>
>>>>> # dovecot SIGUSR1: Re-opens the log files.
>>>>> /home/vmail/dovecot-deliver.log {
>>>>>  missingok
>>>>>  notifempty
>>>>>  delaycompress
>>>>>  sharedscripts
>>>>>  postrotate
>>>>>    /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>>>>>  endscript
>>>>> }
>>>>>
>>>>> I get the following error only when cron tries to run it:
>>>>>
>>>>> /etc/cron.daily/logrotate:
>>>>> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>>>>>
>>>>>
>>>>> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>>>>>
>>>>>
>>>>> Ethon


signature.asc (845 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Log rotation and combining...

SH Development
No, I’m not using selinux.

I didn’t set up the logging to be under /home so I don’t know why it’s going there.  I do know it’s been there for many years.  Hence, my question about where it SHOULD be and if it can be combined with the maillog.

Ethon


> On Nov 18, 2017, at 9:47 AM, Tom Hendrikx <[hidden email]> wrote:
>
> HI,
>
> Do you have selinux activated? Maybe the context for logrotate does not
> allow accessing files under /home, and the root cli is not troubled by
> such a limitation? Why are you storing log files under /home anyway?
>
> Note: I don't use any OS with selinux, so can't really help with fixing
> this an issue.
>
> Regards,
> Tom
>
> On 17-11-17 22:42, SH Development wrote:
>> So, the question is, why can I rotate the log manually, but cron returns a permission error?  Do I need to tell cron to run it as sudo or something like that?
>>
>> Ethon
>>
>>> On Nov 17, 2017, at 2:29 AM, Tom Hendrikx <[hidden email] <mailto:[hidden email]>> wrote:
>>>
>>> Hi,
>>>
>>>
>>> Your crontab should normally mail you error output. But you can also run
>>> the logrotate command manually, in verbose mode.
>>>
>>>
>>> Kind regards,
>>> Tom
>>>
>>> On 17-11-17 03:35, SH Development wrote:
>>>> That doesn’t seem to work either.  Where do I find logs for log rotation to see the reason it failed?
>>>>
>>>> Ethon
>>>>
>>>>
>>>>
>>>>> On Nov 16, 2017, at 7:53 PM, Bill Shirley <[hidden email] <mailto:[hidden email]> <mailto:[hidden email] <mailto:[hidden email]>>> wrote:
>>>>>
>>>>> I believe you need a 'create' statement to set the permissions. Here
>>>>> is an example for mariadb:
>>>>> /var/log/mariadb/general.log
>>>>> /var/log/mariadb/slow_query.log
>>>>> /var/log/mariadb/error.log
>>>>> /var/log/mariadb/mariadb.log {
>>>>>       create 640 mysql mysql
>>>>>       daily
>>>>>       minsize 30M
>>>>>       notifempty
>>>>>       rotate 3
>>>>>       missingok
>>>>>       compress
>>>>>       sharedscripts
>>>>>       postrotate
>>>>> #       # just if mysqld is really running
>>>>>               if test -x /usr/bin/mysqladmin && \
>>>>>                       /usr/bin/mysqladmin ping &>/dev/null
>>>>>               then
>>>>>                       /usr/bin/mysqladmin flush-logs
>>>>>               fi
>>>>>       endscript
>>>>> }
>>>>>
>>>>> Bill
>>>>>
>>>>>
>>>>> On 11/16/2017 4:27 AM, SH Development wrote:
>>>>>> I have recently noticed that my dovecot-deliver.log is huge and wanted to start rotating it.  So a couple of questions:
>>>>>>
>>>>>> 1. Can the dovecot-deliver.log be combined with the maillog, that gets rotated weekly?  If it can be done, is it advisable?
>>>>>> Since the inception of this particular server, the log file has been located in the /home/vmail directory.  Is there a reason it shouldn’t be located in the /var/log directory with the maillog?
>>>>>>
>>>>>> 2. Separate from above, if I create a new logrotate script example as follows:
>>>>>>
>>>>>> # dovecot SIGUSR1: Re-opens the log files.
>>>>>> /home/vmail/dovecot-deliver.log {
>>>>>> missingok
>>>>>> notifempty
>>>>>> delaycompress
>>>>>> sharedscripts
>>>>>> postrotate
>>>>>>   /bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
>>>>>> endscript
>>>>>> }
>>>>>>
>>>>>> I get the following error only when cron tries to run it:
>>>>>>
>>>>>> /etc/cron.daily/logrotate:
>>>>>> error: stat of /home/vmail/dovecot-deliver.log failed: Permission denied
>>>>>>
>>>>>>
>>>>>> Owner on the log are vmail:vmail.  If I manually force logrotate on this particular log, it works fine.
>>>>>>
>>>>>>
>>>>>> Ethon
>
>