Date: Tue, 16 Mar 2004 19:15:57 -0500 From: "Jonathan T. Sage" <sagejona@theatre.msu.edu> To: Wayne Sierke <ws+freebsd-questions@au.dyndns.ws> Cc: Bart Silverstrim <bsilver@chrononomicon.com> Subject: Re: ClamAV Log Rotation (WAS: Antivirus suggestion...) Message-ID: <405798BD.4030301@theatre.msu.edu> In-Reply-To: <1079479714.3992.138.camel@ovirt.dyndns.ws> References: <000c01c2eafb$52cfdbc0$0401a8c0@bloodlust> <A2351FB4-768D-11D8-A92D-000A956D2452@chrononomicon.com> <4055EAFE.7050503@theatre.msu.edu> <8FDB539E-76AA-11D8-A92D-000A956D2452@chrononomicon.com> <4055EFAD.5080202@theatre.msu.edu> <588423B0-76AC-11D8-A92D-000A956D2452@chrononomicon.com> <40562AFC.4080004@theatre.msu.edu> <1079479714.3992.138.camel@ovirt.dyndns.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig32660EB884B596043B048CBC Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Wayne Sierke wrote: > <snip> > >>Clamd log rotation: >> >>first and foremost, make sure that clamav is gonna drop a pidfile. in >>/usr/local/etc/clamav.conf, uncomment: >> >># This option allows you to save the process identifier of the listening >># daemon (main thread). >>PidFile /var/run/clamd.pid >> >>then, add the following (one line) to /etc/newsyslog.conf >> >>/var/log/clamd.log 644 3 * $W0D1 BJ \ >> /var/run/clamd.pid 1 >> >>this will rotate the log once a week, keep 3 of them (current log +3 >>weeks). it will also compress the old one with bzip2 and SIGHUP the >>clamd process. seems to work just fine for me, running clamav-devel on >>-current (Mar 3 or so right now) >> > > Here's what I got: > > # ls -lrt /var/log/clamd* > -rw-r----- 1 clamav clamav 0 Mar 17 06:00 /var/log/clamd.log > -rw-r----- 1 clamav clamav 35873 Mar 17 09:00 /var/log/clamd.log.0 > > # tail -n 6 /var/log/clamd.log.0 > Wed Mar 17 05:58:54 2004 -> SelfCheck: Database status OK. > Wed Mar 17 06:00:00 2004 -> SIGHUP catched: log file re-opened. > Wed Mar 17 06:00:00 2004 -> ERROR: accept() failed. > Wed Mar 17 06:59:32 2004 -> SelfCheck: Database status OK. > Wed Mar 17 08:00:10 2004 -> SelfCheck: Database status OK. > Wed Mar 17 09:00:48 2004 -> SelfCheck: Database status OK. > > # portversion -v "clamav*" > clamav-0.67.1 = up-to-date with port > > > Hmm, just saw a submission to -ports for an update to 0.70-rc, looks > like that version is needed to have the SIGHUP handling (according to > its NEWS file). > Ah. yes, When I wrote this, i was using clamav-devel, and the SIGHUP handling works fine there. thanks for the info though. ~j -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design [HTTP://www.JTSage.com] [sagejona@msu.edu] [See Headers for Contact Info] --------------enig32660EB884B596043B048CBC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFAV5i9oVmW2UUup/ERAkQkAJ9X4zQJFanILA1n6c3NAM62x6kNHACfUoZX 7Zza+HPC30d5q3eGS1k4JCg= =Yvb7 -----END PGP SIGNATURE----- --------------enig32660EB884B596043B048CBC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?405798BD.4030301>