fedora-users October 2011 archive
Main Archive Page > Month Archives  > fedora-users archives
fedora-users: Re: fail2ban vs. logrotate

Re: fail2ban vs. logrotate

From: Andre Speelmans <fedora-list_at_nospam>
Date: Tue Oct 25 2011 - 14:07:15 GMT
To: Community support for Fedora users <users@lists.fedoraproject.org>

> I was referring to the fail2ban RPM. This has to be a problem for
> just about any installation that uses logrotate.

Most daemons seem to use their own logfile and therefore can use their
own logrotate configuration script in /etc/logrotate.d.

But /var/log/secure is not handled by a specific daemon and thus is
taken care of in the standard logrotate configuration. I don't know
what effects it would give if you try to override it in a more
specific configuration script. Might even not be possible. Or perhaps
it is, hehe.

Anyway I think that when you depend on /var/log/secure (or any generic
logfile), you can't do anything, except informing the users to change
their configuration.
To that extent you can either make it copy-truncate or add a
postrotate script to restart/reload fail2ban.

-- Kind regards, André -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines