From owner-freebsd-questions@FreeBSD.ORG Wed Sep 2 17:43:39 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6030E1065672 for ; Wed, 2 Sep 2009 17:43:39 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ew0-f208.google.com (mail-ew0-f208.google.com [209.85.219.208]) by mx1.freebsd.org (Postfix) with ESMTP id E39B38FC1B for ; Wed, 2 Sep 2009 17:43:38 +0000 (UTC) Received: by ewy4 with SMTP id 4so1058116ewy.36 for ; Wed, 02 Sep 2009 10:43:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=1Mq6dQlCaWj7Z4ES8vuZcQ5WJ56StVV8CNnui6y+MIU=; b=LUu1poicjBgePzc2xUetlPnQ3bv01/qm4C+7nIiBhYmZ5JbZHZuQunpnyP2VY1m5dl Ve5JmJttId/uakb8xFEOLcyuq0FnNk93LbYZKlnyXKIY30QtRFxEr/gb6qAJ8PLKxGzN C7XJ1tbfv0+uYyR0RDGtrggklTupypUTWE54w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=Pt7K3msTxmjKUFkJN8KTixFbv7xSDGvx1oHnPR83QTKVc6YzFZDctsfbCjAMPvy6xy 9yiNj+Usj5uC/zovdGDDgFCvRi9kfzR4jwYxjmz3ARngAb8kwWXeLzUiI9hmO1RwTuCg 7jhvt2FuDJQVpATcyM3kehQdwbPvsopV06DUA= MIME-Version: 1.0 Received: by 10.210.3.21 with SMTP id 21mr9132107ebc.40.1251913416943; Wed, 02 Sep 2009 10:43:36 -0700 (PDT) In-Reply-To: <20090902170301.GE2855@dan.emsphone.com> References: <4A9E1D63.8030101@mapper.nl> <20090902170301.GE2855@dan.emsphone.com> Date: Wed, 2 Sep 2009 10:43:36 -0700 Message-ID: From: Kurt Buff To: Dan Nelson Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: Mark Stapper , freebsd-questions@freebsd.org Subject: Re: Daily security report oddity... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Sep 2009 17:43:39 -0000 On Wed, Sep 2, 2009 at 10:03, Dan Nelson wrote: > In the last episode (Sep 02), Kurt Buff said: >> Heh. Well, for me a very long time is more than a year, because >> security patches for the OS will at some point mandate a reboot - and >> usually in less than a year. >> >> I suppose there's a way to do auth log rotation automagically - would >> that be sysutils/logrotate? > > The system already rotates auth.log. =C2=A0Just edit /etc/newsyslog.conf = and add > a date check to the line for auth.log. =C2=A0The default is to roll it wh= en it > hits 100KB, but if you add something like $M1D0 to the "when" column it'l= l > rotate it monthly as well. > > -- > =C2=A0 =C2=A0 =C2=A0 =C2=A0Dan Nelson > =C2=A0 =C2=A0 =C2=A0 =C2=A0dnelson@allantgroup.com That's exactly the clue I needed. Thanks, Dan. I'm looking at 'man newsyslog.conf' right now. Kurt