LOGROTATE

The Linux utility logrotate renames and reuses system error log files on a

periodic basis so that they don’t occupy excessive disk space. The /etc/logrotate.confFile

The/etc/logrotate.conf file is logrotate’s general configuration file in which

you can specify the frequency with which the files are reused:

☞ You can specify either a weeklyor dailyrotation parameter. In the case

below, the weekly option is commented out with a #, allowing daily

updates.

☞ The rotateparameter specifies the number of copies of log files logrotate

will maintain. In the case below, the 4 copy option is commented out with a #, while allowing 7 copies.

☞ The createparameter creates a new log file after each rotation.

96 Troubleshooting Linux with syslog Chapter 5 06Harrison_ch05.qxd 2/25/05 9:57 AM Page 96

Therefore, our sample configuration file will create daily archives of all

the logfiles and store them for seven days. The files will have the following names, with logfilethe current active version:

logfile logfile.0 logfile.1 logfile.2 logfile.3 logfile.4 logfile.5 logfile.6

Sample Contents of /etc/logrotate.conf

# rotate log files weekly #weekly

# rotate log files daily daily

# keep 4 weeks worth of backlogs #rotate 4

# keep 7 days worth of backlogs rotate 7

# create new (empty) log files after rotating old ones create

The /etc/logrotate.dDirectory

Most Linux applications that use syslogput an additional configuration file in

this directory to specify the names of the log files to be rotated. It is a good practice to verify that all new applications that you want to use the sysloglog

have configuration files in this directory. Here are some sample files that define the specific files to be rotated for each application.

The /etc/logrotate.d/syslogFile (for General System Logging)

/var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {

sharedscripts postrotate

/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true

endscript }

logrotate 97

The /etc/logrotate.d/apacheFile (for Apache) /var/log/httpd/access_log /var/log/httpd/agent_log /var/log/httpd/error_log /var/log/httpd/referer_log { missingok sharedscripts postrotate

/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true

endscript }

The /etc/logrotate.d/sambaFile (for Samba)

/var/log/samba/*.log { notifempty missingok sharedscripts copytruncate postrotate

/bin/kill -HUP `cat /var/lock/samba/*.pid 2> /dev/null` 2> /dev/null || true

endscript }

Activating logrotate

The logrotate settings in the last section will not take effect until you issue

the following command:

[root@bigboy tmp]# logrotate -f

If you want logrotateto reload only a specific configuration file, and not

all of them, issue the logrotate command with just that filename as the

argument:

[root@bigboy tmp]# logrotate -f /etc/logrotate.d/syslog

Compressing Your Log Files

On busy Web sites the size of your log files can become quite large. Compression can be activated by editing the logrotate.conf file and adding

the compressoption.

98 Troubleshooting Linux with syslog Chapter 5 06Harrison_ch05.qxd 2/25/05 9:57 AM Page 98

#

# File: /etc/logrotate.conf #

# Activate log compression compress

The log files will then start to become archived with the gziputility, each

file having a .gzextension.

[root@bigboy tmp]# ls /var/log/messages*

/var/log/messages /var/log/messages.1.gz /var/log/messages.2.gz /var/log/messages.3.gz /var/log/messages.4.gz /var/log/messages.5.gz /var/log/messages.6.gz /var/log/messages.7.gz

[root@bigboy tmp]#

Viewing the contents of the files still remains easy because the zcatcom-

mand can quickly output the contents to the screen. Use the command with the compressed file’s name as the argument:

[root@bigboy tmp]# zcat /var/log/messages.1.gz ...

...

Nov 15 04:08:02 bigboy httpd: httpd shutdown succeeded Nov 15 04:08:04 bigboy httpd: httpd startup succeeded Nov 15 04:08:05 bigboy sendmail[6003]: iACFMLHZ023165: to=<[email protected]>, delay=2+20:45:44, xdelay=00:00:02, mailer=esmtp, pri=6388168,

relay=www.clematis4spiders.info. [222.134.66.34], dsn=4.0.0, stat=Deferred: Connection refused by www.clematis4spiders.info. [root@bigboy tmp]#

C

In the next chapter we cover the installation of Linux applications, and the use of syslog will become increasingly important especially in the trou-

bleshooting of Linux-based firewalls, which can be configured to ignore and then log all undesirable packets; the Apache Web server, which logs all appli- cation programming errors generated by some of the popular scripting lan- guages such as PERL and PHP; and finally, Linux mail, whose configuration files are probably the most frequently edited system documents of all and which correspondingly suffer from the most mistakes.

This syslogchapter should make you more confident to learn more about

these applications via experimentation because you’ll at least know where to look at the first sign of trouble.

Conclusion 99

C H A P T E R

6

Installing RPM Software

I

T

C

☞ Where to Get Commonly Used RPMs

☞ Getting RPMs Using Web-Based FTP

☞ Getting RPMs Using Command-Line Anonymous FTP

☞ Getting RPMs Using wget

☞ Automatic Updates with yum

☞ How to Install RPMs Manually

☞ How to Install Source RPMs

☞ RPM Installation Errors

☞ How to List Installed RPMs

☞ Listing Files Associated with RPMs

☞ Uninstalling RPMs

☞ Which RPMs Start at Boot Time?

☞ Installing Software Using tarFiles

☞ Conclusion

You’ll frequently need to install additional software on your Linux server that you didn’t think you’d need when you first installed the operating system. This could be because of new business requirements for additional packages or the need to install new administrative tools to make your job easier.

Fedora Linux software is primarily available in Red Hat Package Manager (RPM) files. Regular RPM package files are used for installations in which the kernel, or master program, hasn’t been customized in any way. This is the usual scenario for most departmental servers. Source RPMs are used when the kernel has been customized to add or drop support selectively for various devices or features for the sake of performance or functionality. The

101

procedure for installing source RPMs involves recompiling source code to fit the needs of these kernel customizations. This makes life easier for the soft- ware developer who wrote the package as he or she now has only to create a single package to support all types of customizations. Both package types use standardized commands for installing the software contained inside, making RPMs relatively easy to use.

Software developers who want to use a universally recognizable file for- mat across all flavors of Linux also will make their products available as TAR packages. TAR packages are generally more difficult to work with than RPM packages because the archived files within them may or may not need to be compiled and the commands to install the software may vary from package to package. Instructions are usually contained within a file inside the TAR pack- age to help guide the installation.

This chapter focuses on the RPM format, which is the format of choice for Fedora Linux software, but also devotes a small section on TAR packages near the end because they are still very important.