1.\" This file contains changes from the Open Software Foundation. 2.\" 3.\" from: @(#)newsyslog.8 4.\" $FreeBSD$ 5.\" 6.\" Copyright 1988, 1989 by the Massachusetts Institute of Technology 7.\" 8.\" Permission to use, copy, modify, and distribute this software 9.\" and its documentation for any purpose and without fee is 10.\" hereby granted, provided that the above copyright notice 11.\" appear in all copies and that both that copyright notice and 12.\" this permission notice appear in supporting documentation, 13.\" and that the names of M.I.T. and the M.I.T. S.I.P.B. not be 14.\" used in advertising or publicity pertaining to distribution 15.\" of the software without specific, written prior permission. 16.\" M.I.T. and the M.I.T. S.I.P.B. make no representations about 17.\" the suitability of this software for any purpose. It is 18.\" provided "as is" without express or implied warranty. 19.\" 20.Dd January 31, 2011 21.Dt NEWSYSLOG 8 22.Os 23.Sh NAME 24.Nm newsyslog 25.Nd maintain system log files to manageable sizes 26.Sh SYNOPSIS 27.Nm 28.Op Fl CFNPnrsv 29.Op Fl a Ar directory 30.Op Fl d Ar directory 31.Op Fl f Ar config_file 32.Op Fl S Ar pidfile 33.Op Fl t Ar timefmt 34.Op Oo Fl R Ar tagname Oc Ar 35.Sh DESCRIPTION 36The 37.Nm 38utility should be scheduled to run periodically by 39.Xr cron 8 . 40When it is executed it archives log files if necessary. 41If a log file 42is determined to require archiving, 43.Nm 44rearranges the files so that 45.Dq Va logfile 46is empty, 47.Dq Va logfile Ns Li \&.0 48has 49the last period's logs in it, 50.Dq Va logfile Ns Li \&.1 51has the next to last 52period's logs in it, and so on, up to a user-specified number of 53archived logs. 54It is also possible to let archived log filenames be created using the 55time the log file was archived instead of the sequential number using 56the 57.Fl t 58option. 59Optionally the archived logs can be compressed to save 60space. 61.Pp 62A log can be archived for three reasons: 63.Bl -enum -offset indent 64.It 65It is larger than the configured size (in kilobytes). 66.It 67A configured number of hours have elapsed since the log was last 68archived. 69.It 70This is the specific configured hour for rotation of the log. 71.El 72.Pp 73The granularity of 74.Nm 75is dependent on how often it is scheduled to run by 76.Xr cron 8 . 77Since the program is quite fast, it may be scheduled to run every hour 78without any ill effects, 79and mode three (above) assumes that this is so. 80.Sh OPTIONS 81The following options can be used with 82.Nm : 83.Bl -tag -width indent 84.It Fl f Ar config_file 85Instruct 86.Nm 87to use 88.Ar config_file 89instead of 90.Pa /etc/newsyslog.conf 91for its configuration file. 92.It Fl a Ar directory 93Specify a 94.Ar directory 95into which archived log files will be written. 96If a relative path is given, 97it is appended to the path of each log file 98and the resulting path is used as the directory 99into which the archived log for that log file will be written. 100If an absolute path is given, 101all archived logs are written into the given 102.Ar directory . 103If any component of the path 104.Ar directory 105does not exist, 106it will be created when 107.Nm 108is run. 109.It Fl d Ar directory 110Specify a 111.Ar directory 112which all log files will be relative to. 113To allow archiving of logs outside the root, the 114.Ar directory 115passed to the 116.Fl a 117option is unaffected. 118.It Fl v 119Place 120.Nm 121in verbose mode. 122In this mode it will print out each log and its 123reasons for either trimming that log or skipping it. 124.It Fl n 125Cause 126.Nm 127not to trim the logs, but to print out what it would do if this option 128were not specified. 129.It Fl r 130Remove the restriction that 131.Nm 132must be running as root. 133Of course, 134.Nm 135will not be able to send a HUP signal to 136.Xr syslogd 8 137so this option should only be used in debugging. 138.It Fl s 139Specify that 140.Nm 141should not send any signals to any daemon processes that it would 142normally signal when rotating a log file. 143For any log file which is rotated, this option will usually also 144mean the rotated log file will not be compressed if there is a 145daemon which would have been signalled without this option. 146However, this option is most likely to be useful when specified 147with the 148.Fl R 149option, and in that case the compression will be done. 150.It Fl t Ar timefmt 151If specified 152.Nm 153will create the 154.Dq rotated 155logfiles using the specified time format instead of the default 156sequential filenames. 157The time format is described in the 158.Xr strftime 3 159manual page. 160If the 161.Ar timefmt 162argument is set to an empty string or the string 163.Dq DEFAULT , 164the default built in time format 165is used. 166If the 167.Ar timefmt 168string is changed the old files created using the previous time format 169will not be be automatically removed (unless the new format is very 170similar to the old format). 171This is also the case when changing from sequential filenames to time 172based file names, and the other way around. 173The time format should contain at least year, month, day, and hour to 174make sure rotating of old logfiles can select the correct logfiles. 175.It Fl C 176If specified once, then 177.Nm 178will create any log files which do not exist, and which have the 179.Sy C 180flag specified in their config file entry. 181If specified multiple times, then 182.Nm 183will create all log files which do not already exist. 184If log files are given on the command-line, then the 185.Fl C 186or 187.Fl CC 188will only apply to those specific log files. 189.It Fl F 190Force 191.Nm 192to trim the logs, even if the trim conditions have not been met. 193This 194option is useful for diagnosing system problems by providing you with 195fresh logs that contain only the problems. 196.It Fl N 197Do not perform any rotations. 198This option is intended to be used with the 199.Fl C 200or 201.Fl CC 202options when creating log files is the only objective. 203.It Fl P 204Prevent further action if we should send signal but the 205.Dq pidfile 206is empty or does not exist. 207.It Fl R Ar tagname 208Specify that 209.Nm 210should rotate a given list of files, even if trim conditions are not 211met for those files. 212The 213.Ar tagname 214is only used in the messages written to the log files which are 215rotated. 216This differs from the 217.Fl F 218option in that one or more log files must also be specified, so that 219.Nm 220will only operate on those specific files. 221This option is mainly intended for the daemons or programs which write 222some log files, and want to trigger a rotate based on their own criteria. 223With this option they can execute 224.Nm 225to trigger the rotate when they want it to happen, and still give the 226system administrator a way to specify the rules of rotation (such as how 227many backup copies are kept, and what kind of compression is done). 228When a daemon does execute 229.Nm 230with the 231.Fl R 232option, it should make sure all of the log files are closed before 233calling 234.Nm , 235and then it should re-open the files after 236.Nm 237returns. 238Usually the calling process will also want to specify the 239.Fl s 240option, so 241.Nm 242will not send a signal to the very process which called it to force 243the rotate. 244Skipping the signal step will also mean that 245.Nm 246will return faster, since 247.Nm 248normally waits a few seconds after any signal that is sent. 249.It Fl S Ar pidfile 250Use 251.Ar pidfile 252as 253.Xr syslogd 8 Ns 's 254pidfile. 255.El 256.Pp 257If additional command line arguments are given, 258.Nm 259will only examine log files that match those arguments; otherwise, it 260will examine all files listed in the configuration file. 261.Sh FILES 262.Bl -tag -width /etc/newsyslog.confxxxx -compact 263.It Pa /etc/newsyslog.conf 264.Nm 265configuration file 266.El 267.Sh COMPATIBILITY 268Previous versions of the 269.Nm 270utility used the dot (``.'') character to 271distinguish the group name. 272Beginning with 273.Fx 3.3 , 274this has been changed to a colon (``:'') character so that user and group 275names may contain the dot character. 276The dot (``.'') character is still 277accepted for backwards compatibility. 278.Sh SEE ALSO 279.Xr bzip2 1 , 280.Xr gzip 1 , 281.Xr xz 1 , 282.Xr syslog 3 , 283.Xr newsyslog.conf 5 , 284.Xr chown 8 , 285.Xr syslogd 8 286.Sh HISTORY 287The 288.Nm 289utility originated from 290.Nx 291and first appeared in 292.Fx 2.2 . 293.Sh AUTHORS 294.An Theodore Ts'o , 295MIT Project Athena 296.Pp 297Copyright 1987, Massachusetts Institute of Technology 298.Sh BUGS 299Does not yet automatically read the logs to find security breaches. 300