Bug with keeping logs?

[Richard G]

Is there a bug with keeping logfiles?

I have these settings in directadmin.conf:

logs_to_keep = 5
log_rotate_size=5

I want to keep the /var/log/httpd/domains/domain*.log files 5 days.

But all domainlogfiles get truncated every day in spite of this setting in directadmin.conf.
It doesn't tar or gzip the files either.

How can I fix this that it's working like I want it to?

 

[zEitEr]

The rotated logs are stored in users' homedirs.
/home/<username>/domains/<domain>/logs/

 

[Richard G]

Thank you. But users can delete the logs there temselves or hackers if their account got hacked.

So that's why I would like the logs a little longer in:
/var/log/httpd/domains/domain*.log

How can I fix that?

 

[scsi]

No they cant.

 

[Richard G]

Why not? Because thats the place where you can find what hackers did when they used xss or other things via the webserver.

If it's not possible to keep it there longer, where the user can't get to it, that's a miss. Would be a very nice feature.

 

[zEitEr]

1. Disable rotation in Directadmin.
2. Use your favorite tools for log rotation.

 

[Richard G]

1.) Thats not possible, see also here
2.) Oke I'm going to see if my Dutch collegues have a solution to this.
Thanks!

 

[zEitEr]

Possible http://www.directadmin.com/features.php?id=507
set

rotation=0

in directadmin.conf

 

[Richard G]

But this could cause webalizer problems or strange stats, is it not?

Maybe it's best in that case to leave the system as is en make a backup by cron or something of the logfiles, before the logrotate cron of DA is running.

 

[zEitEr]

Depends on you only. We do not use webalizer anymore.

 

[Richard G]

What do you use, awstats?

 

[zEitEr]

yes, awstats

 

[DirectAdmin Support]

Hello,

FYI, you can disable rotation of /var/log/httpd/domains/*.log by setting:

rotation=0

in your directadmin.conf.

John

 

[Richard G]

Yep, thank you, but this would also stop rotating the logs in:
/home/<username>/domains/<domain>/logs/

Correct?

 

[DirectAdmin Support]

Correct. You will have to manage everything about those logs yourself.

John

 

[Richard G]

And that's one of the reason I suggested a choice feature.

 

[Richard G]

I tried myself as an user to delete logs via SSH/FTP/Directadmin, that failed.

If this is true, no suggestion to rotate somewhere else is needed. I tried on 3 different DA servers and had no problem at all deleting them via the user FTP account.
Even with a server on which I used the ./set_permissions.sh user_homes script.

Should that /logs directory be owned by root or by the user? On all our servers it's owned by the user. The logs themselves in the directory are owned by root.
drwxr-xr-x 2 ibiza2 ibiza2 4.0K Feb 23 2009 .htpasswd
drwxr-xr-x 2 ibiza2 ibiza2 4.0K Dec 4 00:10 logs
drwxr-xr-x 2 ibiza2 ibiza2 4.0K Feb 23 2009 private_html
drwx--x--x 3 ibiza2 ibiza2 4.0K Feb 23 2009 public_ftp
drwx--x--x 5 ibiza2 ibiza2 4.0K Aug 13 08:47 public_html
drwxr-xr-x 2 root root 4.0K Dec 2 00:10 stats

And in the logs directory:
-rw-r--r-- 1 root root 497 Dec 2 00:11 Dec-2010.tar.gz
-rw-r--r-- 1 root root 402 Nov 28 00:10 Nov-2010.tar.gz

 

[Richard G]

I think I found there is a problem. By asking some others it seemed that on their servers the "logs" directory isnt owned by the user but also by root.

I don't have a clue how it can be that on all 3 servers this is set to the user, maybe by the mod_ruid installation, I don't know for sure.
I never touched those directory's myselve.

So I now need to chown all /home/usr/domains/logs directory's to root:root again.
That should fix the problem.

 

[zEitEr]

That's it.

Checked our servers. Within one user homedir we've got both variants: logs directory owned by root, and logs directory owned by user.

I'm not sure, why is it so. As in some cases we've got awstats directory owned by root, in others owned by user. Perhaps, it's an issue of dumping and restoring.

So it's possible to solve your problem by "chown 0:0 /home/*/domains/*/logs".
Make sure you put similar line (not that exactly) into

/usr/local/directadmin/scripts/custom/domain_change_post.sh
/usr/local/directadmin/scripts/custom/domain_create_post.sh

to change owner for logs with creation of a new domain.

 

[Richard G]

In that case it might be some kind of bug, because I also have a user:user on the logs directory on a completely new installed server.

The only thing I have in the custom directory comes from the spamassassin installation by using the spam.sh script and I followed the DA help directions to create a script in there.
It's called: user_create_post.sh and contains this:

#!/bin/sh
if [ "$spam" = "ON" ]; then
   DIR=/home/$username/.spamassassin
   mkdir $DIR
   touch $DIR/user_prefs     #or this is where you'd copy the default user_prefs you want them to have, instead of "touch".
   chown ${username}:mail $DIR
   chmod 771 $DIR
   chown $username:$username $DIR/user_prefs
   chmod 755 $DIR/user_prefs
   touch $DIR/spam
   chown mail:$username $DIR/spam
   chmod 660 $DIR/spam
fi
exit 0;