Menu
▾
▴
webadmin-devel
|
From: Martin M. <mm...@me...> - 2004-01-12 08:01:08
|
Hi all,
please let me do some suggestions about the new module logrotate which
comes with the latest Devel-Package of Webmin.
While translating this module into german I ran across a problem which
may comes up, if certain logfiles are written and older ones are
stored in User-Homedirectories.
On my server I use the following template in Virtualmin for Apache
ServerName ${DOM}
ServerAlias www.${DOM}
DocumentRoot ${HOME}/public_html
ErrorLog ${HOME}/logs/www.$DOM.error.log
CustomLog ${HOME}/logs/www.$DOM.log combined
ScriptAlias /cgi-bin ${HOME}/cgi-bin
<Directory ${HOME}>
AllowOverride All
</Directory>
HostNameLookups on
ErrorDocument 404 http://www.$DOM/
So the current CustomLog and ErrorLog are owned by the user, but
rotated logs are owned by root. This does not do any harm to Webalizer
for my users because Webalizer works as root to get things done, but
sometimes users want to delete files in their directories (even if
deleting may would be stupid, but I can almost hear them say "These
are my files and I want to delete them if I want!").
I see it can be set with
Standard (Yes, with old permissions)
but what if a gone wild admin wants to get things back, because he
messed up his configuration ;-)
I would suggest the following option to logrotate if possible:
######################################################################
Global Options
[...]
Re-create log file after rotation?
[...]
[x] With rights taken from the folder the logs are written
and stored in. Use this option if you want to be sure
that all User-Logs can be fully accessed by your
users. Be sure that your users have full access
to their logfile-folders.
[...]
######################################################################
After a complete rotation of (in my case) four weeks, admin can be
sure that all of his myriad logfiles ;-) are back to normal.
bis dahin - kind regards
Martin Mewes
--=20
http://webmin.mamemu.de/
Official Webmin/Usermin Translation Co-Ordinator 2003/2004
Proud Forte Agent 2.0 Beta Tester
|
|
From: Jamie C. <jca...@we...> - 2004-01-12 21:51:36
|
On Mon, 2004-01-12 at 19:01, Martin Mewes wrote:
> Hi all,
>
> please let me do some suggestions about the new module logrotate which
> comes with the latest Devel-Package of Webmin.
>
> While translating this module into german I ran across a problem which
> may comes up, if certain logfiles are written and older ones are
> stored in User-Homedirectories.
>
> On my server I use the following template in Virtualmin for Apache
>
> ServerName ${DOM}
> ServerAlias www.${DOM}
> DocumentRoot ${HOME}/public_html
> ErrorLog ${HOME}/logs/www.$DOM.error.log
> CustomLog ${HOME}/logs/www.$DOM.log combined
> ScriptAlias /cgi-bin ${HOME}/cgi-bin
> <Directory ${HOME}>
> AllowOverride All
> </Directory>
> HostNameLookups on
> ErrorDocument 404 http://www.$DOM/
>
> So the current CustomLog and ErrorLog are owned by the user, but
> rotated logs are owned by root. This does not do any harm to Webalizer
> for my users because Webalizer works as root to get things done, but
> sometimes users want to delete files in their directories (even if
> deleting may would be stupid, but I can almost hear them say "These
> are my files and I want to delete them if I want!").
>
> I see it can be set with
>
> Standard (Yes, with old permissions)
>
> but what if a gone wild admin wants to get things back, because he
> messed up his configuration ;-)
>
> I would suggest the following option to logrotate if possible:
>
> ######################################################################
>
> Global Options
> [...]
> Re-create log file after rotation?
> [...]
> [x] With rights taken from the folder the logs are written
> and stored in. Use this option if you want to be sure
> that all User-Logs can be fully accessed by your
> users. Be sure that your users have full access
> to their logfile-folders.
> [...]
>
> ######################################################################
>
> After a complete rotation of (in my case) four weeks, admin can be
> sure that all of his myriad logfiles ;-) are back to normal.
That would be a cool feature .. but unfortunately, logrotate (the
program the module configures) does not have a directive to do this as
far as a I know. All it can be is re-create a log as a specific user, or
as the user the log was originally owned by ..
- Jamie
|
|
From: Martin M. <mm...@me...> - 2004-01-13 09:38:17
|
Hi Jamie, Jamie Cameron <jca...@we...> wrote: >> ###################################################################### >>=20 >> Global Options >> [...] >> Re-create log file after rotation? >> [...] >> [x] With rights taken from the folder the logs are written >> and stored in. Use this option if you want to be sure >> that all User-Logs can be fully accessed by your >> users. Be sure that your users have full access >> to their logfile-folders. >> [...] >>=20 >> ###################################################################### > >That would be a cool feature .. but unfortunately, logrotate (the >program the module configures) does not have a directive to do this as >far as a I know. All it can be is re-create a log as a specific user, or >as the user the log was originally owned by .. Well but it should be possible to "chown" according to the directory-acl, shouldn't it? bis dahin - kind regards Martin Mewes --=20 http://webmin.mamemu.de/ Official Webmin/Usermin Translation Co-Ordinator 2003/2004 Proud Forte Agent 2.0 Beta Tester |
|
From: Jamie C. <jca...@we...> - 2004-01-13 11:23:46
|
On Tue, 2004-01-13 at 20:38, Martin Mewes wrote: > Hi Jamie, > > Jamie Cameron <jca...@we...> wrote: > > > >> ###################################################################### > >> > >> Global Options > >> [...] > >> Re-create log file after rotation? > >> [...] > >> [x] With rights taken from the folder the logs are written > >> and stored in. Use this option if you want to be sure > >> that all User-Logs can be fully accessed by your > >> users. Be sure that your users have full access > >> to their logfile-folders. > >> [...] > >> > >> ###################################################################### > > > >That would be a cool feature .. but unfortunately, logrotate (the > >program the module configures) does not have a directive to do this as > >far as a I know. All it can be is re-create a log as a specific user, or > >as the user the log was originally owned by .. > > Well but it should be possible to "chown" according to the > directory-acl, shouldn't it? Oh yeah .. if the 'logrotate' program supported this. Webmin does not do the actual rotation itself - it just creates a config file for logrotate. - Jamie |
|
From: Martin M. <mm...@me...> - 2004-01-13 11:44:15
|
Hi Jamie, Jamie Cameron <jca...@we...> wrote: >> Well but it should be possible to "chown" according to the >> directory-acl, shouldn't it? > >Oh yeah .. if the 'logrotate' program supported this. Webmin does not do >the actual rotation itself - it just creates a config file for >logrotate. Maybe I missed the point. Couldn't the module just forget about 'logrotate' in particular and just "chown" things with perl? I know that Webmin-Modules are just creating configuration files but this would be a recovery feature. bis dahin - kind regards Martin Mewes --=20 http://webmin.mamemu.de/ Official Webmin/Usermin Translation Co-Ordinator 2003/2004 Proud Forte Agent 2.0 Beta Tester |
|
From: Jamie C. <jca...@we...> - 2004-01-13 22:06:20
|
On Tue, 2004-01-13 at 22:44, Martin Mewes wrote: > Hi Jamie, > > Jamie Cameron <jca...@we...> wrote: > > >> Well but it should be possible to "chown" according to the > >> directory-acl, shouldn't it? > > > >Oh yeah .. if the 'logrotate' program supported this. Webmin does not do > >the actual rotation itself - it just creates a config file for > >logrotate. > > Maybe I missed the point. > > Couldn't the module just forget about 'logrotate' in particular and > just "chown" things with perl? I know that Webmin-Modules are just > creating configuration files but this would be a recovery feature. The problem is, log rotation is not kicked off by Webmin - instead, logrotate is run from a cron job that does not involve Webmin at all. And any such chowning needs to be done just after the log is re-created .. - Jamie |
|
From: Conny B. <ko...@ni...> - 2004-03-25 23:10:07
|
2004-01-13 kl. 23.06 skrev Jamie Cameron > On Tue, 2004-01-13 at 22:44, Martin Mewes wrote: >> Couldn't the module just forget about 'logrotate' in particular and >> just "chown" things with perl? I know that Webmin-Modules are just >> creating configuration files but this would be a recovery feature. > > The problem is, log rotation is not kicked off by Webmin - instead, > logrotate is run from a cron job that does not involve Webmin at all. > And any such chowning needs to be done just after the log is re-created For this you're probably better off by using the "postrotate" option in your logrotate log file definition (see the logrotate docs) than hacking webmin. That way, you can hook in and do whatever you need to do just after the rotation happened. //conny |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X