Annotation of src/usr.bin/newsyslog/newsyslog.8, Revision 1.2
1.2 ! deraadt 1: .\" $OpenBSD: newsyslog.8,v 1.1.1.1 1995/10/18 08:45:51 deraadt Exp $
1.1 deraadt 2: .TH NEWSYSLOG 8 "January 12, 1989" "Project Athena"
3: .ns
4: .\" This file contains changes from the Open Software Foundation.
5: .\"
6: .\" from: @(#)newsyslog.8
7: .\"
8: .\" Copyright 1988, 1989 by the Massachusetts Institute of Technology
9: .\"
10: .\" Permission to use, copy, modify, and distribute this software
11: .\" and its documentation for any purpose and without fee is
12: .\" hereby granted, provided that the above copyright notice
13: .\" appear in all copies and that both that copyright notice and
14: .\" this permission notice appear in supporting documentation,
15: .\" and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
16: .\" used in advertising or publicity pertaining to distribution
17: .\" of the software without specific, written prior permission.
18: .\" M.I.T. and the M.I.T. S.I.P.B. make no representations about
19: .\" the suitability of this software for any purpose. It is
20: .\" provided "as is" without express or implied warranty.
21: .\"
22: .sp
23: .SH NAME
24: newsyslog \- maintain system log files to manageable sizes
25: .SH SYNOPSIS
26: .B /usr/bin/newsyslog
27: [
28: .B \-vnr
29: ] [
30: .B \-f
31: .I configuration file
32: ]
33: .SH DESCRIPTION
34: .I Newsyslog
35: is a program that should be scheduled to run periodically by
36: .IR crontab .
37: When it is executed it archives log files if necessary. If a log file
38: is determined to require archiving,
39: .I newsyslog
40: rearranges the files so that ``logfile'' is empty, ``logfile.0'' has
41: the last period's logs in it, ``logfile.1'' has the next to last
42: period's logs in it, and so on, up to a user-specified number of
43: archived logs. Optionally the archived logs can be compressed to save
44: space.
45: .PP
46: A log can be archived because of two reasons. The log file can have
47: grown bigger than a preset size in kilobytes, or a preset number of
48: hours may have elapsed since the last log archive. The granularity of
49: .I newsyslog
50: is dependent on how often it is scheduled to run in crontab. Since
51: the program is quite fast, it may be scheduled to run every hour
52: without any ill effects.
53: .PP
54: When starting up,
55: .I newsyslog
56: reads in a configuration file to determine which logs should be looked
57: at. By default, this configuration file is
58: .IR /etc/newsyslog.conf .
59: Each line of the file contains information about a particular log file
60: that should be handled by
61: .IR newsyslog .
62: Each line has five mandatory fields and two optional fields, with a
63: whitespace separating each field. Blank lines or lines beginning with
64: ``#'' are ignored. The fields of the configuration file are as
65: follows:
66: .br
67: logfile name
68: .br
69: owner.group of archives (optional)
70: .br
71: mode of logfile & archives
72: .br
73: number of archives
74: .br
75: size of archives
76: .br
77: archive interval
78: .br
79: flags (optional)
80: .PP
81: The
82: .I logfile name
83: entry is the name of the system log file to be archived.
84: .PP
85: The optional
86: .I owner.group
87: entry specifies an ownership and group for the archive file.
88: The "." is essential, even if the
89: .I owner
90: or
91: .I group
92: field is left blank. The
93: fields may be numeric, or a name which is looked up in
94: .I /etc/passwd
95: or
96: .IR /etc/group .
97: .PP
98: The
99: .I number of archives
100: entry specifies the number of archives to be kept besides the log file
101: itself.
102: .PP
103: When the size of the logfile reaches
104: .I size of
105: .IR archives ,
106: the logfile becomes trimmed as described above. If this field is
107: replaced by a ``*'', then the size of the logfile is not taken into
108: account when determining when to trim the log file.
109: .PP
110: The
111: .I number of hours
112: entry specifies the time separation between the trimming of the log
113: file. If this field is replaced by a ``*'', the the number of hours
114: since the last time the log was trimmed will not be taken into
115: consideration.
116: .PP
117: The
118: .I flags
119: field specifies if the archives should have any special processing
120: done to the archived log files. The ``Z'' flag will make the archive
121: files compressed to save space using /usr/bin/gzip. The ``B'' flag
122: means that the file is a binary file, and so the ascii message which
123: .I newsyslog
124: inserts to indicate the fact that the logs have been turned over
125: should not be included.
126: .PP
127: .SH OPTIONS
128: The following options can be used with newsyslog:
129: .TP
130: .B \-f \fIconfig-file
131: instructs newsyslog to use
132: .I config-file
133: instead of /etc/newsyslog.conf for its configuration file.
134: .TP
135: .B \-v
136: places
137: .I newsyslog
138: in verbose mode. In this mode it will print out each log and its
139: reasons for either trimming that log or skipping it.
140: .TP
141: .B \-n
142: causes
143: .I newsyslog
144: not to trim the logs, but to print out what it would do if this option
145: were not specified.
146: .TP
147: .B \-r
148: removes the restriction that
149: .I newsyslog
150: must be running as root. Of course,
151: .I newsyslog
152: will not be able to send a HUP signal to
153: .IR syslogd ,
154: so this option should only be used in debugging.
155: .SH FILES
156: /etc/newsyslog.conf
157: .SH BUGS
158: Doesn't yet automatically read the logs to find security breaches.
159:
160:
161: .SH AUTHOR
162: Theodore Ts'o, MIT Project Athena
163: .br
164: Copyright 1987, Massachusetts Institute of Technology
165: .SH "SEE ALSO"
166: syslogd(8), syslog(3), gzip(1)
167: .ns
168: .sp