DHCP and a wireless card (reprise)Handling Spam

Rotating Apache Log Files

After I had discovered that the stock version of Apache didn't have an automatic method of rotating log files, I investigated the possibilities. My first solution was to use rotatelogs, as suggested by the O'Reilly Apache book. The rotatelogs binary is delivered along with Apache. The Apache httpd.conf file is used to instruct Apache to use the feature, like so:

CustomLog "| rotatelogs /var/log/httpd-access-%y%m%d.log 604800" combined

This causes the log output to be piped to rotatelogs, stored in a file with the year/month/day suffix. Files are rotated every 604800 seconds, which as you knew instantly, is one week.

This seemed to work fine, but I noticed that occasionally log messages would not appear in the log files. At the same time, Apache would seem to be sluggish in its response. Starting and stopping Apache fixed the problem, but I began to suspect that piping output through rotatelogs was somehow the cause of the logging issue. Searching the web revealed a couple of people reporting a similar problem, but the solutions didn't seem to be germane.

After a bit of digging, once again FreeBSD Diary came up trumps. This suggested the use of the FreeBSD newsyslog facility, which is used to rotate virtually all of the log files generated by FreeBSD itself.

To use newsyslog, entries to control the rotation of the Apache log files must be placed in /etc/newsyslog.conf. Newsyslog is itself started every hour, under the control of the root crontab /etc/crontab.

I placed the following new lines into newsyslog.conf:

/var/log/httpd-access.log   644  7     *    $W0D0 B   /var/run/  30
/var/log/httpd-error.log    644  7     *    $W0D0 B   /var/run/  30

The first field is the name of the file to rotate. The second is the permission to give the file; the third the number of old log files to keep; the fourth the size that will cause rotation (* says there is no size limit); fifth, the time of rotation (weekly, on Sunday at midnight), the sixth is how to treat the log file on rotation (B says it's binary and so newsyslog shouldn't write its normal message to the start of the file on rotation); the seventh is the process id of the process to inform of the rotation (/var/run/ is where Apache's process id is stored), and the final field is the signal to send to the process (30 is SIGUSR1, which tells Apache to gracefully restart).

So far, this seems to be working OK, but I will keep an eye on it for the time being. Note that /etc/newsyslog.conf is yet another file that will need to be preserved in the event of a FreeBSD operating system upgrade.

DHCP and a wireless card (reprise)Handling Spam