Debian Log Rotation
Kevin D. Clark
kevin_d_clark at comcast.net
Mon Dec 19 10:26:01 EST 2005
Christopher Schmidt writes:
> I use Debian for a web and mail server, hosted in a colocation facility.
> I'm running Debian Sarge, and have set up virtual domains using the
> tutorial at http://workaround.org/articles/ispmail-sarge/ . Everything
> works pretty nicely.
>
> However, I'm now trying to run lire to get log analysis, and my mail
> logs are currently rotated daily. I can't figure out where this is
> done.
>
> It seems to be happening by some call to `savelog` somewhere. However,
> I've looked through my /etc/cron.daily/, and can't find anything
> regarding it there. There is a sysklogd entry, which rotates all files
> in `syslogd-listfiles` -- but that does *not* list /var/log/mail.log
> (only /var/log/syslog).
I'm not a regular Debian user, but perhaps I can help.
Try out the attached Bash functions. You can actually paste the whole
file into a running Bash shell.
After doing this, try typing:
txtfind /etc /var | xargs grep '\<savelog\>'
Perhaps this will tell you where savelog is being invoked.
I find these functions to be invaluable in my daily work; I hope you
find them to be useful too.
Regards,
--kevin
--
GnuPG ID: B280F24E
-------------- next part --------------
# Author: kevin d. clark (alumni.unh.edu!kdc)
srcfind () {
if [ $# -eq 0 ] ; then
srcfind .
else
find "${@}" \( -name \*.c \
-o -name \*.cc \
-o -name \*.h \
-o -name \*.hh \
-o -name \*.java \
-o -name \*.c++ \
-o -name \*.el \
\) -print
fi
}
writeablesrcfind () {
if [ $# -eq 0 ] ; then
writeablesrcfind .
else
find "${@}" \( -name \*.c \
-o -name \*.cc \
-o -name \*.h \
-o -name \*.hh \
-o -name \*.java \
-o -name \*.c++ \
-o -name \*.el \
\) \
-exec test -w {} \; \
-print
fi
}
# files that are relevant to our build
buildfind () {
if [ $# -eq 0 ] ; then
buildfind .
else
find "${@}" \( -name \*.c \
-o -name \*.cc \
-o -name \*.h \
-o -name \*.java \
-o -name \*.c++ \
-o -name Makefile \
\) -print
fi
}
# files that are relevant to our build
newerbuildfind () {
if [ $# -lt 1 ] ; then
echo Usage: newerbuildfind file-with-timestamp directory1 directory2 ...
elif [ $# -lt 2 ] ; then
file_with_timestamp=$1 ; shift
newerbuildfind "$file_with_timestamp" .
else
file_with_timestamp=$1 ; shift
find "${@}" -newer $file_with_timestamp \
\( -name \*.c \
-o -name \*.cc \
-o -name \*.h \
-o -name \*.java \
-o -name \*.c++ \
-o -name Makefile \
-o -name imports \
-o -name exports \
-o -name project.defs \
-o -name mr_info\* \
\) -print
fi
}
# files that are relevant to our build
writablebuildfind () {
if [ $# -eq 0 ] ; then
echo Usage: writablebuildfind directory1 directory2 ...
else
find "${@}" \( -name \*.c \
-o -name \*.cc \
-o -name \*.h \
-o -name \*.java \
-o -name \*.c++ \
-o -name Makefile \
\) \
-exec test -w {} \; \
-print
fi
}
# Finds text files in the specified directories. These use Perl's -T and -B
# tests. Here's some relevant documentation from the perlfunc page:
#
# The "-T" and "-B" switches work as follows. The first block or
# so of the file is examined for odd characters such as strange
# control codes or characters with the high bit set. If too many
# strange characters (>30%) are found, it's a "-B" file, other-
# wise it's a "-T" file. Also, any file containing null in the
# first block is considered a binary file. [....] Both "-T" and
# "-B" return true on a null file...
#
# Caveat programmer.
#
# Find text files
txtfind () {
if [ $# -eq 0 ] ; then
txtfind .
else
perl -MFile::Find -e 'find(sub{print "$File::Find::name\n" if (-f && -T);}, @ARGV);' "${@}"
fi
}
# Find DOS-formatted text files
dostxtfind () {
if [ $# -eq 0 ] ; then
dostxtfind .
else
perl -MFile::Find -e 'find(sub{
$crlf = 0;
if (($f = -f) && ($T = -T)) {
@ARGV=($_);
binmode(ARGV);
(/\r\n/ && $crlf++) while(<>);
}
print "$File::Find::name\n"
if ($f && $T && $crlf);
}, @ARGV)' "${@}"
fi
}
# Find binary files
binfind () {
if [ $# -eq 0 ] ; then
binfind .
else
perl -MFile::Find -e 'find(sub{print "$File::Find::name\n" if (-f && -B);}, @ARGV);' "${@}"
fi
}
# Find text files that start with a shebang. (#!)
shebangfind () {
if [ $# -eq 0 ] ; then
shebangfind .
else
perl -MFile::Find -e 'find(sub{
my $shebang;
if (-f && -T) {
@ARGV=($_);
$_ = <>;
$shebang = 1 if (substr($_, 0, 2) eq "#!");
print "$File::Find::name\n" if ($shebang);
close(ARGV)
}
}, @ARGV)' "${@}"
fi
}
cfind () {
if [ $# -eq 0 ] ; then
cfind .
else
find "${@}" \( -name \*.c \
-o -name \*.cc \
-o -name \*.c++ \
\) -print
fi
}
hfind () {
if [ $# -eq 0 ] ; then
hfind .
else
find "${@}" \( -name \*.h \
\) -print
fi
}
jfind () {
if [ $# -eq 0 ] ; then
jfind .
else
find "${@}" \( -name \*.java \
\) -print
fi
}
elfind () {
if [ $# -eq 0 ] ; then
elfind .
else
find "${@}" \( -name \*.el \
\) -print
fi
}
bakfind () {
if [ $# -eq 0 ] ; then
bakfind .
else
find "${@}" \( -name \*.bak \
\) -print
fi
}
classfind () {
if [ $# -eq 0 ] ; then
classfind .
else
find "${@}" \( -name \*.class \
\) -print
fi
}
xmlfind () {
if [ $# -eq 0 ] ; then
xmlfind .
else
find "${@}" \( -name \*.xml \
\) -print
fi
}
writeablefind () {
if [ $# -eq 0 ] ; then
writeablefind .
else
perl -MFile::Find -e 'find(sub{print "$File::Find::name\n" if (-f && -w);}, @ARGV);' "${@}"
fi
}
readonlyfind () {
if [ $# -eq 0 ] ; then
readonlyfind .
else
perl -MFile::Find -e 'find(sub{print "$File::Find::name\n" if (-f && ! -w);}, @ARGV);' "${@}"
fi
}
# Finds all files and directories newer than a given file
newerfind () {
if [ $# -lt 1 ] ; then
echo Usage: newerfind file-with-timestamp directory1 directory2 ...
elif [ $# -lt 2 ] ; then
file_with_timestamp=$1 ; shift
newerfind "$file_with_timestamp" .
else
file_with_timestamp=$1 ; shift
perl -MFile::Find -e '$f = shift; find(sub{print "$File::Find::name\n" if (-M $file_with_timestamp > -M);}, @ARGV);' "${@}"
fi
}
More information about the gnhlug-discuss
mailing list