Apache和logrotate的配置 [英] Apache and logrotate configuration
问题描述
上周,我发现我的服务器上的问题,因为磁盘使用率达到100%,我发现阿帕奇创造了60GB巨大的error.log文件。后来我改变的LogLevel到EMERG,但一周后它再次1.3GB这绝对是太多了。
而且我有6MB的的access.log和167MB的other_vhosts_access.log。所以,我发现了问题可以logrotate的不工作。
其实日志的gzip文件有一个非常古老的日期(2月23日)。
所以,我想首先要改变的Apache2 logrotate的该文件的配置,增添了最大尺寸的文件,现在正在寻找这样的:
last week I found a problem on my server, because the disk usage was 100% and i found out apache had created a huge error.log file of 60GB. I changed then the LogLevel to emerg, but after one week it's again 1.3GB which is definitely too much. Moreover i have an access.log of 6MB and an other_vhosts_access.log of 167MB. So i found out that the problem could be logrotate not working. Actually the gzipped files of the logs have a very old date (23rd February). So i tried first to change the configuration of the logrotate file for apache2, adding a max size for the file, looking now like this:
/var/log/apache2/*.log {
weekly
size 500M
missingok
rotate 20
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if /etc/init.d/apache2 status > /dev/null ; then \
/etc/init.d/apache2 reload > /dev/null; \
fi;
endscript
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi; \
endscript
}
在这之后我手动试图迫使logrotate的运行Apache的具体配置以
After this i tried manually to force logrotate to run a specific configuration for apache with
logrotate -f /etc/logrotate.d/apache2
和我得到这个错误:
error: skipping "/var/log/apache2/access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/apache2/error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/apache2/other_vhosts_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
但奇怪的是,在它好歹运行旋转,创建一个空的error.log文件,但与旧的不同的权限,而不是COM pressing现有error.log中。
看着Apache日志目录,现在看起来是这样的:
The strange thing is that in someway it run the rotation, creating an empty error.log file, but with different permissions from the old one, and not compressing the existing error.log. Looking at apache log directory, it looks now like this:
-rwxrwxrwx 1 root adm 6.3M Oct 21 10:54 access.log
-rwxrwxrwx 1 root adm 22K Feb 18 2014 access.log.1
-rwxrwxrwx 1 root adm 7.0K Feb 16 2014 access.log.2.gz
-rwxrwxrwx 1 root adm 4.0K Feb 9 2014 access.log.3.gz
-rw------- 1 amministratore amministratore 0 Oct 21 10:32 error.log
-rw-r--r-- 1 root root 1.3G Oct 21 10:57 error.log.1
-rwxrwxrwx 1 root adm 167M Oct 21 10:57 other_vhosts_access.log
-rwxrwxrwx 1 root adm 225K Feb 23 2014 other_vhosts_access.log.1
-rwxrwxrwx 1 root adm 16K Feb 15 2014 other_vhosts_access.log.2.gz
-rwxrwxrwx 1 root adm 3.2K Feb 8 2014 other_vhosts_access.log.3.gz
那么,什么是正确的前进道路?
我应该改变的/ var /日志/的Apache2目录的权限? (现在777)我没有设置这些权限,我不知道,如果它是正确的。
或者我应该告诉logrotate的用于旋转哪些用户?怎么样?
So what is the right way to proceed? should i change the permissions of the /var/log/apache2 directory? (which is now 777) I didn't set these permissions and i dunno if it is correct. or should i tell logrotate which user to use for rotation? and how?
推荐答案
按照这些说明
<一个href=\"https://linuxslut.net/logrotate-parent-directory-has-insecure-permissions/\">https://linuxslut.net/logrotate-parent-directory-has-insecure-permissions/
我只是改变了logrotate的配置文件,添加请求苏指令,现在它以正确的方式旋转。
i just changed the logrotate configuration file, adding the requested su directive and now it rotates in the right way.
这篇关于Apache和logrotate的配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
