Var/Log, /Etc/Logrotate.D - Syslogd, Klogd - Logrotate - /Etc/Syslog.Conf, /Etc/Sysconfig/Syslog, /Etc/Logrotate.Conf - Last, Lastlog

12.

: .

- /var/log, /etc/logrotate.d - syslogd, klogd - logrotate - /etc/syslog.conf, /etc/sysconfig/syslog, /etc/logrotate.conf - last, lastlog

. , .

12.1 /var/log

syslogd ./var/log, . 12.1 .

. . wtmp lastlog , wtmp last , lastlog lastlog .

1) last sangjin pts/0 Mon Oct 27 17:35 still logged in 2) lastlog -u sangjin sangjin :0 10 27 17:35:55 +0900 2003

12.2 syslogd

-1- <12.1>/var/log

messages

secure xinetd

boot.log rc

dmesg

wtmp login

lastlog login

cron cron cron

maillog sendmail

sysklogd . klogd syslogd , klogd syslogd , syslogd /dev/log /etc/syslog.conf , . syslogd /var/run/syslogd.pid . syslogd . syslogd .

# kill -HUP `/bin/cat /var/run/syslogd.pid` syslogd /etc/syslog.conf . . .

(facility). (severity level) (action)

, .,

-2- <12.2>syslogd

auth

authpriv

cron cron, at

daemon

ftp ftpd( )

kern local0 - local7

lpr

mail sendmail

mark timestamp

news

syslog syslogd

user

uucp uucp ( )

, . kernel, syslogd , (user) . syslogd 12.2 .

priv, authpriv . mark . ‘*’ mark . , .

-3- <12.3>

7 debug

6info

5notice

4 warning

3err

2crit

1alert

0emerg

8, . mail.warning mail.warning, mail.notice, mail.info, mail.debug, *.warning, *.notice, *.info, *.debug .8 12.3. none , ‘*’ . ‘=’ , ‘!’ . 12.4 .

. z : . . z : .. z : . . ) sangjin,john ‘*’

-4- <12.4>

daemon.info info .

daemon.=warning warning .

debug, info, notice, warning daemon.debug;daemon.!err .

notice daemon.debug;daemon.!=notice .

. z : .IP , ‘@’ . ) @www.kut.ac.kr

syslogd -r

. syslogd /etc/sysconfig/syslog .

/etc/syslog.conf .

*.emerg *

emerg .

*.info;mail.none;authpriv.none;cron.none /var/log/messages mail, authpriv, cron info info /var/log/messages .

-5- <12.5>syslogd

syslogd

cron cron info

ftpd ftp debug - crit

lpd lpr info - err

passwd auth notice, warning

popper local0 debug, notice pop3

sendmail mail debug - alert sendmail

shutdown auth notice

su auth notice UID

sudo local2 notice, alert su

syslogd syslog,mark info - err ,

vmlinuz kern all

xinted configurable info

. . /etc/syslog.conf syslogd .

/etc/init.d/syslog restart

12.3 syslogd syslogd 12.5 .

12.4 logrotate

-6- < 12.6>logrotate

compress . create . daily, weekly, monthly . delaycompress . errors . missingok . notifempty . olddir dir dir . prerotate script endscript . postrotate script . endscript5 sharedscripts .

n. rotate n n+1 .

logsize size=logsize .

. , . logrotate . cron . /etc/logrotate.conf , logrotate

-7- . logrotate 12.6 .

/etc/logrotate.conf , . /etc/logrotate.d .

{

}

) /etc/syslog.conf wtmp . /var/log/wtmp{ monthly create 0644 root utmp rotate 1 } wtmp , . wtmp /var/log utmp /var/run . wtmp utmp .

-8-