Bug#725735: libapache2-mod-shib2: Please consider adding a logrotate file

Russ Allbery rra at debian.org
Mon Oct 7 20:56:18 UTC 2013

Matt Zagrabelny <mzagrabe at d.umn.edu> writes:

> I just apt-get sourced libapache2-mod-shib2 and it does not appear to
> include a logrotate.d/shibboleth file. Although it seems that the Shib
> SP does not generate great amounts of logs, if something goes awry, then
> the logs will get big. The logrotate config file could be modeled after
> the apache2 one.

Is this about the /var/log/shibboleth log files (specifically shibd.log,
shibd_warn.log, transation.log, and signature.log)?  If so, shibd does its
own log rotation automatically via log4shib.  See
/etc/shibboleth/shibd.logger for how it's configured.

It might be worth doing the same thing I did with native.logger and
reroute that to syslog, since I'm generally not a fan of things writing
out their own logs, but I'm not sure much would be gained by disabling
that in favor of using logrotate while keeping separate logs.

Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

More information about the Pkg-shibboleth-devel mailing list