Archive

Monthly Archives: September 2008

logrotate is the default application used to rotate all other log files not handled by syslog itself (details on rotating system log files can be found in part 1 of the article). It allows automatic rotation, compression, removal, and mailing of log files. Each log file may be handled daily, weekly, monthly, or when it grows too large.

Normally, logrotate is run as a daily cron job. Let’s look into the script that was installed in /etc/cron.daily for this:

cat /etc/cron.daily/logrotate
#!/bin/sh

test -x /usr/sbin/logrotate || exit 0
/usr/sbin/logrotate /etc/logrotate.conf

Logrotate will look into /etc/logrotate.conf for its configuration directives.

cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
#compress

# packages drop log rotation information into this directory
include /etc/logrotate.d

# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}

/var/log/btmp {
missingok
monthly
create 0664 root utmp
rotate 1
}

# system-specific logs may be configured here

So we can see it defines some default parameters (weekly, rotate 4, create, compress) and includes all the files from /etc/logrotate.d/. Also it defines the rotation for some files that are not handled by syslog itself, like wtmp. For example, I would want to keep more than one month of old wtmp logs, then I would have to change the parameter rotate 1.

Inside the /etc/logrotate.d/ various packages will install their own configuration file that will ensure their logs are properly rotate (on my fresh Debian install I have the following files: acpid apache2 aptitude base-config dpkg exim4-base). As long as you don’t change the paths to those logs the rotation will work out of the box. But in case you change them you might want to look inside this folder and make the proper adjustments to the log file definitions, to assure they will be rotated. For example, let’s look at the apache rotation file created here by the apache2 package:

cat /etc/logrotate.d/apache2
/var/log/apache2/*.log {
weekly
missingok
rotate 52
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if [ -f /var/run/apache2.pid ]; then
/etc/init.d/apache2 restart > /dev/null
fi
endscript
}

We can see that by default it will rotate apache logs found in /var/log/apache2/ that have the extension *.log, on a weekly basis and keep 52 archives (about 1 year) of the old data. Once the rotation is completed it will restart the apache daemon. You can check logrotate manual page for all the available parameters, as they are self-explanatory.
Now, if I would like to keep my own apache log files in a different location (/var/weblogs for example) and rotate them monthly then I will need to make the following changes:

/var/weblogs/*.log {
monthly
...

Probably, I will also want to change the default hour when the daily cron is running to have it on midnight. Anyway this is just an example and you will most certainly configure this based on your needs.

Even though I didn’t intended with this article to describe what each configuration parameter of logrotate means (as you can easily find out yourself), but to show what is the logic and its functionality, I would like to add that while configuring and testing this you might find very useful the debug option:

logrotate -d file

This will show you what it will do, without actually rotating anything, and this is most valuable while testing complex setups that you don’t want to ‘play’ with the logs to see if your configuration will work as you want it.

Also logrotate -f file will force the rotation even if that would have normally not occurred (logrotate will only assume it need to run and rotate logs once per day).

Note: as mentioned also in part 1, RedHat based systems (RHEL, Centos, Fedora, etc.) will also rotate by default the ’system logs’ using logrotate and not syslog’s internal method as Debian systems. This is handled by default with the logrotate configuration file:

cat /etc/logrotate.d/syslog
/var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}

The sharedscripts parameter means that the postrotate script will only be run once (after the old logs have been compressed), not once for each log which is rotated.
So nothing special defined here, besides the log files that will be rotated, and it will use the defaults from /etc/logrotate.conf.

Go to:
Rotating Linux Log Files – Introduction
Rotating Linux Log Files – Part 1: syslog

Advertisements

BACKUP

Set a domain name as a variable in your shell (not really required, just makes the rest harder to screw up if you copy and paste from this howto):

DOMAIN_NAME=example.com

Go to the directory where plesk keeps the dumps

cd /var/lib/psa/dumps/$DOMAIN_NAME

Create a file with the description. even if you don’t care about the description, the file needs to exist.

echo "description goes here" > description.txt

Run the backup:

/usr/local/psa/admin/bin/domain_bu --backup --domain-name $DOMAIN_NAME --dump-file $DOMAIN_NAME.domain_dump --desc-file description.txt

Note that the shell prompt will be returned to you before the backup is completd. you can watch for the backup to be finished with this command (after waiting a moment or two for backup_restore.log to be created if it wasn’t there already):

tail -f backup_restore.log

When you see the text “Single domain backup is successfully completed.” (or something to that effect, depending on your version), the backup is completed.

RESTORE

To restore again with the backup, or restore on another server:

– Add the domain under the desired client in plesk (the domain has to exist in plesk to continue).

– Copy the .dump file to other server’s /var/lib/psa/dumps/[DOMAIN_NAME] directory.

– Set a domain name, client login and ip address the site should use as variables in your shell (not really required, just makes the rest harder to screw up if you copy and paste from this howto):

DOMAIN_NAME=example.com
CLIENT_LOGIN=myclient
IP_ADDRESS=1.2.3.4

Go to the dumps directory where you had copied the dump to

cd /var/lib/psa/dumps/$DOMAIN_NAME

Run the restore command:

/usr/local/psa/admin/bin/domain_bu --restore --domain-name $DOMAIN_NAME --client-login $CLIENT_LOGIN --domain-ip $IP_ADDRESS --dump-file $DOMAIN_NAME.domain_dump

If you get errors when restoring related to unmatched cert, see the instructions here: http://forum.plesk.com/showthread.php?s=&threadid=12274

MIGRATION TIPS

If this backup/restore was to move a domain to a new server, here are some useful tips:

– Set the TTL for the zone to something low like 600 more than a day in advance.

– After the move, you can add something like this to the .htaccess file of the site on the old server (for web requests that still make it there):

RewriteEngine on
RewriteRule (.*) http://domain.com.previewhostname/$1 [P]

where domain.com.previewhostname would be where the site can be viewed before dns is changed.

* Google Chrome is Google’s open source browser project. As rumored before under the name of “Google Browser”, this will be based on the existing rendering engine Webkit. Furthermore, it will include Google’s Gears project.
* The browser will include a JavaScript Virtual Machine called V8, built from scratch by a team in Denmark, and open-sourced as well so other browsers could include it. One aim of V8 was to speed up JavaScript performance in the browser, as it’s such an important component on the web today. Google also say they’re using a “multi-process design” which they say means “a bit more memory up front” but over time also “less memory bloat.” When web pages or plug-ins do use a lot of memory, you can spot them in Chrome’s task manager, “placing blame where blame belongs.”
* Google Chrome will use special tabs. Instead of traditional tabs like those seen in Firefox, Chrome puts the tab buttons on the upper side of the window, not below the address bar.

* The browser has an address bar with auto-completion features. Called ’omnibox’, Google says it offers search suggestions, top pages you’ve visited, pages you didn’t visit but which are popular amd more. The omnibox (“omni” is a prefix meaning “all”, as in “omniscient” – “all-knowing”) also lets you enter e.g. “digital camera” if the title of the page you visited was “Canon Digital Camera”. Additionally, the omnibox lets you search a website of which it captured the search box; you need to type the site’s name into the address bar, like “amazon”, and then hit the tab key and enter your search keywords.
* As a default homepage Chrome presents you with a kind of “speed dial” feature, similar to the one of Opera. On that page you will see your most visited webpages as 9 screenshot thumbnails. To the side, you will also see a couple of your recent searches and your recently bookmarked pages, as well as recently closed tabs.

* Chrome has a privacy mode; Google says you can create an “incognito” window “and nothing that occurs in that window is ever logged on your computer.” The latest version of Internet Explorer calls this InPrivate. Google’s use-case for when you might want to use the “incognito” feature is e.g. to keep a surprise gift a secret. As far as Microsoft’s InPrivate mode is concerned, people also speculated it was a “porn mode.”
* Web apps can be launched in their own browser window without address bar and toolbar. Mozilla has a project called Prism that aims to do similar (though doing so may train users into accepting non-URL windows as safe or into ignoring the URL, which could increase the effectiveness of phishing attacks).
* To fight malware and phishing attempts, Chrome is constantly downloading lists of harmful sites. Google also promises that whatever runs in a tab is sandboxed so that it won’t affect your machine and can be safely closed. Plugins the user installed may escape this security model, Google admits.

This looks like a very interesting project, and I think it can’t hurt to have more competition in the browser area. Google is playing this as nicely as possible by open-sourcing things, with perhaps part of the reason to try to defend against monopoly accusations – after all, Google already owns a lot of what’s happening inside the browser, and some may feel owning a browser too could be a little too much power for a single company (Google could, for instance, release browser features that benefit their sites more than most other sites… as can Microsoft with Internet Explorer). For now, until Chrome is released in a testable version, how much of the speed, stability and user interface promises will be fullfilled – and how much of the interface you’ll be able to configure in case you don’t like it – remains to be seen.

[Images by Google.]

Update: Google now posted on this at their blog, announcing the launch date to be tomorrow, Tuesday.

Update 2: At gears.google.com/chrome/, screenshots of Google Chrome have appeared:

The service’s logo is also shown on that page (it also appears in Google’s official reprint of the comic at Google Books):