0

I'm trying to utilize newsyslog.conf -- newsyslog(8) configuration file to rotate my apache/nginx/squid log files:

# uname -a
FreeBSD X 9.2-RELEASE-p17 FreeBSD 9.2-RELEASE-p17 #0 r282430: Mon May  4 13:59:58 PDT 2015     root@X:/usr/obj/usr/src/sys/R610  amd64
# tail -1 /etc/newsyslog.conf 
<include> /etc/newsyslog-local.conf
# cat /etc/newsyslog-local.conf 
/var/log/httpd-*.log    root:wheel  644 7   *   @T00    JC  /var/run/httpd.pid
/var/log/nginx-*.log    root:wheel  644 7   *   @T00    JC  /var/run/nginx.pid
/var/log/squid/*.log    squid:squid 640 7   *   @T00    JC  /var/run/squid/squid.pid
# newsyslog 
# echo $?
0
# ll /var/log/httpd-* /var/log/nginx-* /var/log/squid/*log*
-rw-r--r--  1 root   wheel   794179378 Jun 10 12:13 /var/log/httpd-access.log
-rw-r--r--  1 root   wheel   236848603 Jun 10 12:09 /var/log/httpd-error.log
-rw-r--r--  1 root   wheel     3513917 Jun 10 12:09 /var/log/httpd-ssl_request.log
-rw-r--r--  1 root   wheel  1789191504 Jun 10 12:13 /var/log/nginx-access.log
-rw-r--r--  1 root   wheel   165855753 Jun 10 12:13 /var/log/nginx-error.log
-rw-r-----  1 squid  squid     5604675 Jun 10 12:01 /var/log/squid/access.log
-rw-r-----  1 squid  squid       12589 Jun 10 10:47 /var/log/squid/cache.log
#

What am I doing wrong?

Louis
  • 506
  • 3
  • 12
alexus
  • 12,342
  • 27
  • 115
  • 173

2 Answers2

4

Your configuration should be as follows:

/var/log/httpd-*.log    root:wheel  644 7   *   @T00    GBJC  /var/run/httpd.pid 1
/var/log/nginx-*.log    root:wheel  644 7   *   @T00    GBJC  /var/run/nginx.pid 1
/var/log/squid/*.log    squid:squid 640 7   *   @T00    GBJC  /var/run/squid/squid.pid 30
  • The G flag indicates your log filename is a shell pattern.
  • The B flag tells newsyslog to not put Log rotated text at the top of the new logfile.
  • see newsyslog.conf(5) for other flag meanings.

If you want to use newsyslog for Squid, it needs to told not to do its own logrotate (SquidLogs FAQ):

# squid.conf
logfile_rotate 0

You can do a dry-run of your configuration with newsyslog -nvF | less.

My source for Squid config and dry-run command: "Squid log rotation with newsyslog" (Jamesoff.net blog post and comments).

0

Squid have its own log rotator:

#/etc/crontab
18 4 1 * * root /usr/local/sbin/squid -k rotate

config:

#/usr/local/etc/squid/squid.conf
logfile_rotate 10

Apache should be rotated carefully 

#/etc/newsyslog.conf
/var/log/apache/vhosts/*.log 660 5 * $W0D0 CG 
/var/log/apache/tools/*.log  660 5 * $W0D0 CG 
/var/log/apache/*.log        660 5 * $W0D0 CG /var/run/httpd.pid 1

First you have to rotate all apache-related logs, then send a signal 1 (SIGHUP) to the master httpd process forcing logfile filedescriptors to be reopened.

Kondybas
  • 6,864
  • 2
  • 19
  • 24
  • Thank you for `squid -k rotate`, I added that to cron outside of newsyslog. re: apache i'm still unable to get that going, i added signal 1, but that did not help. – alexus Jun 10 '15 at 19:10
  • Aw! Newsyslog is launched by cron each minute and does nothing if noone timing pattern matched to current datetime. `@T00` means `each day midnight`. When you launch `newsyslog` manually at arbitrary time then nothing would be happened - in general. Just wait until tomorrow. – Kondybas Jun 10 '15 at 19:31
  • Do I need to add signal 1 to `nginx` line as well? – alexus Jun 10 '15 at 19:36
  • I'm not familiar with nginx, sorry. – Kondybas Jun 10 '15 at 19:37
  • well, tomorrow is today and neither `httpd` nor `nginx` log got rotated( – alexus Jun 11 '15 at 14:47