Bug#725735: libapache2-mod-shib2: Please consider adding a logrotate file
Russ Allbery
rra at debian.org
Mon Oct 7 20:56:18 UTC 2013
Matt Zagrabelny <mzagrabe at d.umn.edu> writes:
> I just apt-get sourced libapache2-mod-shib2 and it does not appear to
> include a logrotate.d/shibboleth file. Although it seems that the Shib
> SP does not generate great amounts of logs, if something goes awry, then
> the logs will get big. The logrotate config file could be modeled after
> the apache2 one.
Is this about the /var/log/shibboleth log files (specifically shibd.log,
shibd_warn.log, transation.log, and signature.log)? If so, shibd does its
own log rotation automatically via log4shib. See
/etc/shibboleth/shibd.logger for how it's configured.
It might be worth doing the same thing I did with native.logger and
reroute that to syslog, since I'm generally not a fan of things writing
out their own logs, but I'm not sure much would be gained by disabling
that in favor of using logrotate while keeping separate logs.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list