|Summary:||SECURITY logrotate just keep last month of logs|
|Product:||[Fedora] Fedora||Reporter:||Sergio Monteiro Basto <sergio>|
|Component:||logrotate||Assignee:||Peter Vrabec <pvrabec>|
|Status:||CLOSED WONTFIX||QA Contact:|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2006-06-30 12:16:24 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Sergio Monteiro Basto 2006-06-26 12:31:38 UTC
My server has been hacking, exploring a flaw in horde (http://www.horde.org/) My ISP blocked my cable modem. I can't prove anything because I just have last month of logs, it is fair enough for have last year of logs changing logrotate.conf to diff /tmp/logrotate.conf /etc/logrotate.conf 6c6 < rotate 4 --- > rotate 52
Comment 1 Peter Vrabec 2006-06-30 12:16:24 UTC
I think this amount of logs could occupy enough disk space and this option is not suitable for most admins.
Comment 2 Sergio Monteiro Basto 2006-06-30 12:30:55 UTC
I don't agree , if exploiter knows, looks like is my case, just wait one month and all logs of attack gone. At least put 2 or 3 months .
Comment 3 Robert Scheck 2006-06-30 12:35:25 UTC
I agree with Peter. Per default only very less people want to have what you're expecting as new default. Please remember, that /etc/logrotate.conf is marked as configuration file and won't be replaced during update when you modified it. So /etc/logrotate.conf is a configuration file and provides IMHO well defaults. If you don't agree, just change the file to your needs.