logrotate(8) and copytruncate as default

Adam Williamson awilliam at redhat.com
Fri Jun 28 06:24:07 UTC 2013

On Thu, 2013-06-27 at 18:41 -0400, Colin Walters wrote:
> On Thu, 2013-06-27 at 23:38 +0200, Lennart Poettering wrote:
> > Why would you want this? I mean, we rate-limit per-service anyway, so
> > the issue of one app flooding evreything else should be mostly
> > non-existant. And hence, what you are asking for is some policy control
> > about what to delete first, which only really matters if your disk space
> > is very very limited?
> Would you consider it sane to log say Apache traffic to the journal?  If
> not, then there's still logrotate in the picture, and daemons need to do
> the whole SIGHUP dance.  You can ignore the rest of this message in that
> case.
> But if you do, then it would seem fairly sane to me on a medium traffic
> site to want the ability to have different retention
> policies for the webserver logs versus other system events like sudo
> activations or a change of the root password.

I'm not entirely sure how this works, but in some sense, journal
separates logs *by uid* - if you look in /var/log/journal , there are
files for root and files for your uid. If you were logging httpd via the
journal, it may be that it'd wind up in a different journal file for the
uid httpd was being run as. I haven't checked if you can set rotation
policies on a per-uid level. (I'm sure Lennart can explain this more,
er, correctly.)
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora

More information about the devel mailing list