[Openvpn-users] logrotate

[Bonno B. <b.b...@ti...>]

Hi,

Using Openvpn 2.0.9-4etch1_i386 on Debian eth 4.0r3
I want to keep my OpenVPN log messages seperate and don't have them in the syslog. But... I do need to have to rotate the log at least once a week.

1)
Currently I log to /etc/openvpn/openvpn.log, should I change that to /var/log/openvpn.log?
Would changing the line:
  log-append openvpn.log 
to
  log-append /var/log/openvpn.log 
be enough? The documentation does not state whether a full path is possible or just a filename.

2)
How do I add the openvpn.log file to the weekly logrotation on a Debian etch systeem?
Probably something with /etc/logrotate.conf or a file in /etc/logrotate.d/ but.. I'm almost there but not quite. :-)

It seems I might have to put an openvpn file in the /etc/logrotate.d/ directory with something like:
/var/log/openvpn.log {
    weekly
    rotate 4
    compress
    missingok
    postrotate
        pkill -SIGUSR1 openvpn > /dev/null
    endscript
}
But it's the postrotate section I'm not sure about.

I copied this from the acpid logrotate script. Other files don't have that postrotate section but...
I've noticed a rename of the openvpn.log file would not be enough for openvpn to start using a new file. If I do just a mv openvpn.log openvpn.1 then openvpn will still write to the old logfile with the .1 name and not start a new openvpn.log file. After a restart it will use a new file so I need to tell openvpn to use the new file somehow. I don't know enough about openvpn to know what the best way is.





Met vriendelijke groet,
Bonno Bloksma
hoofd systeembeheer



tio hogeschool hospitality en toerisme 
begijnenhof 8-12 / 5611 el eindhoven
t 040 296 28 28 / f 040 237 35 20
b.b...@ti...  / www.tio.nl