Bug 196671 - SECURITY logrotate just keep last month of logs
SECURITY logrotate just keep last month of logs
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: logrotate (Show other bugs)
5
All Linux
medium Severity high
: ---
: ---
Assigned To: Peter Vrabec
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-06-26 08:31 EDT by Sergio Monteiro Basto
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-06-30 08:16:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sergio Monteiro Basto 2006-06-26 08:31:38 EDT
My server has been hacking, exploring a flaw in horde (http://www.horde.org/)
My ISP blocked my cable modem. 
I can't prove anything because I just have last month of logs, 
it is fair enough for have last year of logs changing logrotate.conf to 

diff /tmp/logrotate.conf /etc/logrotate.conf
6c6
< rotate 4
---
> rotate 52
Comment 1 Peter Vrabec 2006-06-30 08:16:24 EDT
I think this amount of logs could occupy enough disk space and this option is not suitable for 
most admins.
Comment 2 Sergio Monteiro Basto 2006-06-30 08:30:55 EDT
I don't agree , if exploiter knows, looks like is my case, just wait one month
and all logs of attack gone.
At least put 2 or 3 months .
Comment 3 Robert Scheck 2006-06-30 08:35:25 EDT
I agree with Peter. Per default only very less people want to have what you're 
expecting as new default. Please remember, that /etc/logrotate.conf is marked as 
configuration file and won't be replaced during update when you modified it.
So /etc/logrotate.conf is a configuration file and provides IMHO well defaults. 
If you don't agree, just change the file to your needs.

Note You need to log in before you can comment on or make changes to this bug.