上周,我在服务器上发现了一个问题,因为磁盘使用率为100%,并且我发现apache创建了一个60GB的巨大error.log文件。我将LogLevel更改为emerg,但一周后又恢复为1.3GB,这肯定太大了。
此外,我有一个6MB的access.log和一个167MB的other_vhosts_access.log。所以我发现问题可能是logrotate无法正常工作。
实际上,日志的压缩文件具有很旧的日期(2月23日)。
所以我首先尝试更改apache2的logrotate文件的配置,为文件添加最大大小,现在看起来像这样:

/var/log/apache2/*.log {
    weekly
    size 500M
    missingok
    rotate 20
    compress
    delaycompress
    notifempty
    create 640 root adm
    sharedscripts
    postrotate
                if /etc/init.d/apache2 status > /dev/null ; then \
                    /etc/init.d/apache2 reload > /dev/null; \
                fi;
    endscript
    prerotate
        if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
            run-parts /etc/logrotate.d/httpd-prerotate; \
        fi; \
    endscript
}

之后,我尝试手动强制logrotate为apache运行特定的配置
logrotate -f /etc/logrotate.d/apache2

我得到这个错误:
error: skipping "/var/log/apache2/access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/apache2/error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
error: skipping "/var/log/apache2/other_vhosts_access.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

奇怪的是,它以某种方式运行旋转,创建一个空的error.log文件,但权限与旧文件不同,并且不压缩现有的error.log。
查看apache日志目录,现在看起来像这样:
-rwxrwxrwx  1 root           adm            6.3M Oct 21 10:54 access.log
-rwxrwxrwx  1 root           adm             22K Feb 18  2014 access.log.1
-rwxrwxrwx  1 root           adm            7.0K Feb 16  2014 access.log.2.gz
-rwxrwxrwx  1 root           adm            4.0K Feb  9  2014 access.log.3.gz
-rw-------  1 amministratore amministratore    0 Oct 21 10:32 error.log
-rw-r--r--  1 root           root           1.3G Oct 21 10:57 error.log.1
-rwxrwxrwx  1 root           adm            167M Oct 21 10:57 other_vhosts_access.log
-rwxrwxrwx  1 root           adm            225K Feb 23  2014 other_vhosts_access.log.1
-rwxrwxrwx  1 root           adm             16K Feb 15  2014 other_vhosts_access.log.2.gz
-rwxrwxrwx  1 root           adm            3.2K Feb  8  2014 other_vhosts_access.log.3.gz

那么正确的前进方式是什么?
我应该更改/ var / log / apache2目录的权限吗? (现在是777)我没有设置这些权限,如果正确的话,我不知道。
还是我应该告诉logrotate使用哪个用户进行轮换?如何?

最佳答案

只需将su root adm添加到配置文件中:

/var/log/apache2/*.log {
    # …
    su root adm
}

关于apache - Apache和logrotate配置,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/26482773/

10-12 05:57