Red Hat Bugzilla – Bug 196671
SECURITY logrotate just keep last month of logs
Last modified: 2007-11-30 17:11:35 EST
My server has been hacking, exploring a flaw in horde (http://www.horde.org/)
My ISP blocked my cable modem.
I can't prove anything because I just have last month of logs,
it is fair enough for have last year of logs changing logrotate.conf to
diff /tmp/logrotate.conf /etc/logrotate.conf
< rotate 4
> rotate 52
I think this amount of logs could occupy enough disk space and this option is not suitable for
I don't agree , if exploiter knows, looks like is my case, just wait one month
and all logs of attack gone.
At least put 2 or 3 months .
I agree with Peter. Per default only very less people want to have what you're
expecting as new default. Please remember, that /etc/logrotate.conf is marked as
configuration file and won't be replaced during update when you modified it.
So /etc/logrotate.conf is a configuration file and provides IMHO well defaults.
If you don't agree, just change the file to your needs.