Securing log rotation

Daniel McNamara daniel.mcnamara at webone.com.au
Fri Aug 10 20:03:14 EST 2001


Hey there guys,

I've decided to get a little paranoid and start adding a few extra security
measures to my server. What I want to do is use the chattr command to give
all currently active log files the "a" settings to allow append only and all
old logs to be given the "i" setting to help prevent overwriting. The
problem I'm having is figuring how to configure me /etc/logrotate.conf file
so that the new file is given the "a" setting, the newly rotated log the "i"
setting and on the oldest log file usually the 5th to remove the "i" setting
and delete that file.

Anyone out there attempted this before? Or know how the hell I could achieve
this?

Cheers

Daniel





More information about the linux mailing list